2026 Summer Intern –Vulnerability Management

Company:

Marsh Risk

Description:

We are looking for someone to join our Vulnerability Management team as a 10-week summer 2026 intern. In this role, you will support the full vulnerability lifecycle — from discovery and assessment through prioritization, remediation tracking, and reporting. You will work alongside experienced vulnerability analysts and engineers to help identify, triage, and drive remediation of security weaknesses across Marsh’s enterprise environment. At the conclusion of the internship, you will deliver a capstone project demonstrating the skills and knowledge you developed across the vulnerability management program. This is a hybrid position requiring three days per week in office.
 

We will count on you to:
 

• Supporting vulnerability scanning operations across network, endpoint, cloud, and application environments using enterprise tooling
• Assisting with triage and prioritization of identified vulnerabilities using risk-based scoring methodologies, including CVSS, EPSS, and threat intelligence enrichment
• Helping track and report on remediation progress, working with asset owners and IT teams to drive timely patching and remediation of critical findings
• Contributing to the development and maintenance of vulnerability management metrics, dashboards, and executive-facing reporting materials
• Completing and presenting a capstone project at the conclusion of the internship that demonstrates skills and knowledge gained across the vulnerability management program
• Assisting with the creation and maintenance of internal process documentation, playbooks, and operational procedures related to vulnerability management workflows
• Working closely with team leads, senior analysts, and cross-functional partners across IT, Cloud, and Application Security to build skills and experience
• Other work or projects as identified and requested

What you need to have:

• Progress towards undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience
• Knowledge in one or more of the following domains: Network Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography
• Legal work authorization to work in the U.S. on a permanent and ongoing basis without the need for sponsorship now or in the future

What makes you stand out?

• Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptive
• Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and non-technical audiences 
• Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously
• Knowledge of common attacks, current threats, threat actors, and industry trends
• Familiarity with common security frameworks and models such as NIST Cybersecurity Framework, CIS Controls, or MITRE ATT&CK, and how they relate to vulnerability management programs
• Familiarity with vulnerability management concepts including CVE/CVSS scoring, patch management processes, and risk-based prioritization frameworks

Why join our team:

• We help you be your best through professional development opportunities, interesting work and supportive leaders.
• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities.
• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.

Marsh (NYSE: MRSH) is a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $27 billion and more than 95,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information, visit corporate.marsh.com, or follow us on LinkedIn and X.

Marsh is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, veteran status (including protected veterans), or any other characteristic protected by applicable law. If you have a need that requires accommodation, please let us know by contacting reasonableaccommodations@mmc.com.

Marsh is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.