Intern, Information Technology

Information Technology Intern - Cybersecurity Controls & Cloud Compliance

LENZ Therapeutics is a pharmaceutical company focused on the commercialization of VIZZ® (aceclidine ophthalmologic solution) 1.44%, the first and only FDA-approved aceclidine based eye drop for treating presbyopia. Our mission is to improve and sustain vision through scientific innovation. We are headquartered in San Diego, California, with our office located in Solana Beach.

About the Internship Program

Our Summer Intern Program offers college students and new graduates the opportunity to gain invaluable firsthand work experience. Join us for 8-12 weeks from late May to August for a structured and mutually beneficial learning experience within LENZ’s unique environment and culture. You will work alongside supportive, driven colleagues who are committed to your learning and growth.

This role is based onsite in our Solana Beach office Monday–Thursday, with remote work on Fridays. We provide lunch onsite and come together each day, creating a collaborative, energetic environment where curiosity, ingenuity, and teamwork thrive.

Overall Purpose

We are seeking an Information Technology Intern to support the IT Security team. You will assist in the assessment, implementation, and continuous improvement of security controls aligned with the CIS Critical Security Controls v8 and the NIST Cybersecurity Framework (CSF) 2.0. This role focuses on Microsoft Azure and cloud-based infrastructure, contributing to configuration hardening, policy enforcement, compliance gap analysis, and security documentation. This is a hands-on, technical role with measurable deliverables, reporting to the Director, Information Technology.

Key Responsibilities Of The Role

CIS Controls & Framework Implementation

• Assist in closing gaps against CIS Controls v8 Implementation Groups (IG1-IG2), mapping current-state configurations to target-state requirements.
• Support the implementation or documentation of controls across key CIS domains including asset inventory, data protection, access control, audit log management, and incident response.
• Aid in alignment activities between CIS Controls and NIST CSF 2.0 core functions: Govern, Identify, Protect, Detect, Respond, and Recover.
• Contribute to control evidence collection for compliance tracking and audit readiness.

Azure & Cloud Security

• Evaluate Azure environment configurations using Microsoft Defender for Cloud (Secure Score, recommendations, and compliance dashboards), Purview, and other Microsoft security tools.
• Assist in implementing Azure Policy definitions and initiatives to enforce baseline security configurations.
• Review and help remediate findings related to identity and access management (IAM), storage security, and key management.
• Support the implementation of Microsoft Entra ID (formerly Azure AD) security best practices including MFA, Conditional Access, and Privileged Identity Management (PIM).
• Assist with cloud workload protection configuration across Azure VMs, containers, and serverless functions.

Documentation & Reporting

• Develop and maintain control implementation documentation, evidence artifacts, and remediation tracking registers.
• Prepare concise status reports and briefings for IT leadership on control gaps, progress, and risk indicators.
• Contribute to the organization’s security policy library, including procedure updates aligned to framework requirements.

Collaboration & Learning

• Partner with the IT team to identify security requirements and integrate controls into existing workflows.
• Participate in team meetings, tabletop exercises, and working groups.

Academic Credit

If an internship is associated with academic credit, the intern is responsible for coordinating credit requirements with their institution. LENZ may complete required evaluations or documentation. Academic credit does not replace compensation unless the internship qualifies as unpaid under California law.

Physical Demands and Work Environment

This role is onsite in Solana Beach, CA, Monday to Thursday, with remote work on Fridays. The work is typically performed in an office environment. Employees may continuously sit at a desk for extended periods, intermittently use a phone, or use a keyboard for communication. Some walking and lifting up to 20 lbs. may be required. The noise level is usually low to moderate. Flexibility to work varying schedules and hours is needed. Frequent out-of-town travel may be required. Reasonable accommodations can be made for individuals with disabilities.

Qualifications

Required Skills:

• Foundational knowledge of cybersecurity concepts (CIA triad, least privilege, defense in depth, network security fundamentals).
• Basic familiarity with cloud computing concepts (IaaS, PaaS, SaaS) and introductory exposure to Microsoft Azure or another major cloud provider (AWS, GCP).
• Understanding of one or more security frameworks: CIS Controls, NIST CSF.
• Analytical mindset with attention to detail and ability to document findings clearly and concisely.
• Ability to work independently and manage time effectively in a remote or hybrid environment.
• Ability to handle confidential information responsibly and adhere to security policies.

Preferred Qualifications:

• Hands-on experience with Microsoft Azure (Azure portal, Azure CLI).
• Completion of or active pursuit of an entry-level certification (CompTIA Security+, Microsoft AZ-900, SC-900, AZ-500, or equivalent).
• Familiarity with security tooling (Microsoft Defender for Cloud, Microsoft Sentinel, Nessus/Tenable, Qualys, or similar).
• Familiarity with scripting languages (PowerShell, Python, Typescript, Bash).
• Exposure to GRC platforms or tools.
• Participation in cybersecurity competitions (CTFs), clubs, or student organizations.

Program Requirements:

• Currently enrolled in an accredited undergraduate or graduate program in Cybersecurity, Information Technology, Computer Science, Information Systems, or a closely related field.
• Cumulative 3.0 GPA or above; college transcript required.
• Currently enrolled in or newly graduated from an accredited college/university.
• Legally authorized to work in the U.S.
• At least 18 years of age prior to the scheduled start date.
• Must complete an application and provide a cover letter expressing interest and indicating best department for learning goals.
• Must successfully pass a background check prior to the program start date.
• Onboarding will be provided.
• Successfully pass all compliance modules.
• Final presentation on learning during the last week of the program.

Additional Details:

Internships are temporary, typically lasting 8–12 weeks. Pay is $20/hr. Schedule can be up to 40 hours per week. Internships do not guarantee future employment.

Key skills/competency

• Cybersecurity Concepts
• NIST Cybersecurity Framework
• CIS Controls
• Microsoft Azure Security
• Cloud Security
• Identity and Access Management (IAM)
• Compliance
• Risk Management
• Documentation
• Analytical Skills