Cybersecurity Intern

Customized Energy Solutions (CES) is a global energy services and technology company that helps market participants operate, comply, and compete in deregulated electricity and natural gas markets. Founded in 1998 and headquartered in Philadelphia, CES works with utilities, independent power producers, energy suppliers, developers, asset owners, and investors across North America and globally.

CES delivers market intelligence, regulatory and market design support, asset and portfolio management, retail market operations, and energy technology solutions. Our teams track and interpret ISO/RTO rules and policy developments, support resource planning and market participation, manage operational and settlement processes, and develop proprietary software platforms—including CES BLUE, GOLD, RED, GRIDBOOST, and CoMETS—that help clients manage risk, optimize performance, and respond effectively to market change.

CES is committed to advancing transparent, efficient, and non-discriminatory energy markets while delivering practical, high-quality solutions marked by integrity, rigor, and long-term client value.

CES has been nationally and regionally recognized for sustained growth and innovation, including listings on the Inc. 500|5000 and Philadelphia Business Journal’s Top 100 Companies, as well as a Best Places to Work designation with Hall of Fame status for five or more consecutive years.

With headquarters in Philadelphia and offices across the U.S., Canada, Japan, India, and Vietnam, CES offers a collaborative, flexible, and globally connected work environment for professionals passionate about the future of energy.

Customized Energy Solutions (CES) is seeking a Cybersecurity Intern to support its Infrastructure Services and Security team on a three-month contract engagement. This role is focused on coordinating vulnerability assessment and penetration testing (VAPT) activities conducted by CES external security partners, with a primary emphasis on our SOC 2-scoped applications and other critical platform environments.

The intern will serve as a key liaison between external testing partners and internal CES stakeholders throughout the full VAPT lifecycle — from project kickoff through vulnerability remediation tracking. This is an excellent opportunity for an early-career cybersecurity professional to gain hands-on exposure to enterprise security operations, compliance-driven testing programs, and cross-functional stakeholder engagement. Depending on engagement pace and intern readiness, there is potential for expanded involvement in internal scanning activities and AI-assisted security workflows.

Key Responsibilities

Engagement Coordination

• Coordinate scheduling, logistics, and communication with external red team and penetration testing vendors
• Maintain a master engagement calendar covering test windows, scoping sessions, and review milestones
• Serve as the primary point of contact for day-to-day coordination between external partners and the IS security team
• Track engagement status and flag scheduling conflicts or scope changes to IS leadership

Internal Stakeholder Communication

• Draft and distribute clear, audience-appropriate communications to internal teams regarding upcoming test activities, timelines, and potential impacts
• Prepare briefing materials and summary documentation for pre-engagement kickoffs and post-engagement reviews
• Coordinate access provisioning requests and testing environment logistics with relevant application and infrastructure owners
• Maintain a project tracker and status dashboard for all active and upcoming VAPT engagements

Findings Review & Remediation Support

• Compile and organize vulnerability findings from external partner reports into structured internal formats
• Facilitate working sessions with internal application teams to review findings, clarify technical details, and discuss remediation options
• Track remediation commitments, target dates, and completion status across all in-scope applications
• Escalate past-due or high-severity remediation items to IS leadership as appropriate
• Maintain accurate records of vulnerability lifecycle from identification through verified remediation

Documentation & Reporting

• Produce engagement summaries and status reports for IS leadership and, where applicable, executive stakeholders
• Maintain a centralized repository of test plans, findings reports, and remediation records in SharePoint
• Support ongoing SOC 2 evidence collection related to VAPT activities

Required

• Currently pursuing or recently completed a degree in Cybersecurity, Information Systems, Computer Science, or a related field
• Foundational knowledge of cybersecurity concepts including vulnerability management, network security, and application security
• Strong written and verbal communication skills with the ability to translate technical findings for non-technical audiences
• Demonstrated ability to manage multiple tasks, deadlines, and stakeholders in a structured, organized manner
• Proficiency with productivity and collaboration tools (Microsoft 365, SharePoint, Teams)

Preferred

• Familiarity with SOC 2 compliance frameworks or other information security standards (NIST, ISO 27001)
• Exposure to vulnerability management concepts or tools (e.g., Rapid7, Qualys, Nessus, Burp Suite)
• Experience working on a team-based technical project in an academic or professional setting
• Understanding of web application architecture and common vulnerability classes (OWASP Top 10)
• Prior internship, co-op, or volunteer experience in a technology or security environment

Customized Energy Solutions offers competitive salary commensurate with experience. Benefits include performance bonus, profit-sharing, Medical Savings Account, comprehensive health insurance, disability insurance, life insurance, 401k matching and tuition reimbursement. 

At CES, you will gain: 

• Meaningful responsibility and the opportunity to make a real impact in dynamic energy markets
• The change to learn from and collaborate with experienced professionals across global teams
• Ongoing opportunities to strengthen your technical, analytical, and leadership skills
• A supportive culture that values initiative, accountability, and continuous professional growth

We believe that when associates are challenged, supported, and trusted with responsibility, they do their best work and grow in process. 

Customized Energy Solutions provides equal employment opportunities to all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.