This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

The Cybersecurity Intern will support our small IT/security team in protecting staff, volunteers, and client data across our nonprofit systems and cloud services. This role is ideal for student or early-career professionals who want hands-on experience with Microsoft Defender, Cloudflare, 1Password, and security awareness platforms in a real production environment with limited budgets and high mission impact.

Key Responsibilities

• Monitor and triage security alerts from Microsoft Defender (endpoints, identity, and email) and escalate issues to the IT/security lead.
• Review Microsoft 365 and Azure AD sign-in logs and conditional access alerts for suspicious activity, such as impossible travel, risky sign-ins, and MFA failures.
• Assist with managing Cloudflare security, including reviewing DNS and bot protection events.
• Assist with managing 1Password for teams, including onboarding and offboarding users, organizing vaults, reviewing access permissions, and encouraging strong password and passkey practices.
• Support phishing and security awareness programs using KnowBe4 to help develop campaigns, track outcomes, and prepare short training sessions and follow-up communications for staff.
• Assist with vulnerability and configuration assessments on Windows endpoints and key SaaS services, documenting findings and tracking remediation efforts.
• Help respond to basic security incidents, such as suspected phishing, account compromise, or malware alerts, following documented playbooks and runbooks.
• Assist in documenting security procedures, checklists, and “how-to” guides designed for non-technical staff and volunteers.
• Participate in at least one focused project, such as improving 1Password usage, tightening M365 security baselines, or enhancing phishing simulations, that align with both your interests and the organization’s needs.

Learning Outcomes

• Explain and apply basic security principles in a nonprofit IT environment, including privilege, MFA, and secure password management.
• Use Microsoft Defender and related logs to identify and document common threats like phishing, malware, and suspicious sign-ins.
• Support the deployment and adoption of 1Password as an enterprise password manager to decrease password reuse and enhance credential hygiene.
• Learn how Cloudflare safeguards web assets and identify typical DNS problems in real-world scenarios.
• Assist in planning and executing security awareness and phishing campaigns that promote culture change instead of assigning blame.

Qualifications

• Currently pursuing an Associate’s, Bachelor's, or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Engaging in equivalent self-directed learning such as certificates or bootcamps.
• Solid understanding of networking, operating systems (especially Windows), and key security concepts like MFA, phishing, and least privilege.
• Knowledge of Microsoft 365 and fundamental cloud concepts.
• Interest in learning enterprise tools like Microsoft Defender, Cloudflare, and 1Password (prior experience is a plus but not required).
• Strong communication skills and patience when working with non-technical staff in a mission-driven environment.
• Proven reliability, confidentiality, and integrity in managing sensitive information.

Requirements

• Location: Fully Remote
• Pay Rate: $25.00 per hour. Since this is a temporary position, it is not eligible for benefits.
• This is a Part-Time Internship: 20-25 hours per week.
• Interns must have their own laptop and access to high-speed internet.
• Reports To: Jeff Gray, Director of IT Infrastructure & Cyber Security.

Company Description

Circular Action Alliance is an equal employment opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex (including pregnancy, childbirth, lactation, and related medical conditions), national origin, military or veteran status, sexual orientation, gender identity, age or any other category protected by applicable federal, state, or local law. If you require accommodation as part of the application process, please contact careers@circularaction.org.