Information Security Compliance Intern

Sprinto is an AI-native GRC platform that helps organisations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, Sprinto combines scale with expertise to deliver trust and compliance. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve raised $31.8M in funding to fuel our mission. Trusted by leading organisations including Whatfix, Anaconda, Ultrahuman, WeWork, AI Foundation, and HackerRank, Sprinto supports 300+ integrations and 200+ global security standards, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS.

Founded in 2020 by second-time entrepreneurs Girish Redekar and Raghuveer Kancherla, Sprinto is recognised as a Leader on G2 in Compliance Automation and has been named a LinkedIn Top Startup multiple years in a row.

Sprint With Sprinters
At Sprinto, your work has purpose — and your life has space. We are a workplace where you’re empowered to execute on your most ambitious ideas and deliver your best output in a fast-paced, innovative, and supportive environment.

Joining Sprinto means you will never run alone; you will always have the freedom to take your shot and the support to go farther than you imagined.

What The Role Involves?
The Audit Experience function manages Sprinto’s relationship with its audit partner ecosystem. This role offers a structured pathway to building genuine subject matter expertise in GRC and audit — not just theoretical familiarity, but the kind of depth that comes from working directly alongside an SME on real programs. The intern will engage hands-on with compliance frameworks like SOC 2 and ISO 27001, audit partner lifecycle management, and the product-led GRC environment that Sprinto operates in.

This role is designed for someone who wants to develop into a domain expert in GRC and audit — you’ll build deep working knowledge of how audit programs function, how compliance controls are evaluated, and how information and cybersecurity requirements translate into real audit expectations. Day-to-day program support provides the applied context that accelerates this learning, grounding abstract frameworks in live, operational decisions.

What Your Impact Will Look Like:

• Audit Partner Enablement Operations - Track and drive audit partners through the onboarding and enablement lifecycle. Maintain internal trackers, coordinate across teams to unblock dependencies, and flag partners stalling at any stage
• Auditor Directory Maintenance - Keep the auditor directory accurate and current — verify accreditation status against relevant accreditation bodies, update partner profiles, and ensure listing information remains factually accurate
• Evidence Mapping Support - Assist the SME in mapping audit evidence requirements to platform capabilities. This includes preparing reference data, identifying gaps, and documenting findings that feed into product improvement workflows
• Audit Partner Vetting - Run the verification process for new audit partner candidates
• Query Management - Serve as the first responder for routine auditor and internal team queries. Escalate non-routine matters to the SME
• AI-Assisted Workflow Building - Build and iterate on AI agents to handle routine Audit Experience tasks — including audit partner queries, periodic auditor directory reviews, and evidence mapping lookups. Working with GenAI platforms such as Claude, ChatGPT, or Gemini, you’ll design prompts, test agentic workflows, and help establish repeatable automation patterns that reduce manual effort over time
• Ad Hoc Audit Experience Support - Assist the SME with other Audit Experience initiatives as they arise — including research, documentation, process improvement, and cross-functional coordination
  
  
  
  

What You’ll Bring To The Team:

• Completed a graduation or master’s degree in GRC, Information Security, Risk Management, Computer Science, or a related field — candidates with an academic background directly in GRC or audit are strongly preferred
• Prior exposure to audits — whether through academic projects, internships, or professional experience — is a strong plus; candidates who have worked in or adjacent to audit functions are particularly encouraged to apply
• Genuine interest in exploring information and cybersecurity — you’re curious about how audit and compliance frameworks connect to real-world security posture, not just ticking boxes
• Comfortable working with spreadsheets, trackers, and data — a lot of the learning here happens through doing, not just observing
• Strong attention to detail — verification and mapping reviews are precision work
• Good written communication — you’ll be documenting processes and responding to audit partner queries
• Comfortable using GenAI tools — Claude, ChatGPT, Gemini, or any equivalent platform; prior experience building agents or automating workflows with AI is a strong plus, but a genuine appetite to learn and experiment is what matters most
• Self-directed — the SME will provide guidance and review, but you’re expected to own the operational cadence independently
  
  
  
  

Inclusion & Diversity -
Sprinto is an equal opportunity employer and does not discriminate on the basis of race, colour, religion, gender, sexual orientation, age, disability, or any other protected status. You are welcome at Sprinto for who you are, and we encourage you to bring your complete selves to work. Our culture is built on the strength of diverse thinking — when people with different perspectives, ideas, and ways of solving problems come together, it fuels collaboration and accelerates our mission.

At Sprinto, we are passionate about inclusivity and making sure our entire recruitment process is accessible to everyone. Please share your request for reasonable accommodations at any stage of the application or interview process; we want to ensure everyone feels heard and seen.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

---