Summer 2026 Cybersecurity Risk & Governance Internship
Hachette Book Group’s summer internship program offers individuals an opportunity to learn about the publishing industry and explore an area of interest. To learn more about the company, visit our career site: https://www.hachettebookgroup.com/about/careers/
Program dates: June 1st, 2026 – August 6th, 2026
Location: NYC Hybrid, up to three days
A company laptop will be provided for the duration of the program.
Weekly schedule: 28 hours per week, M-TH, 9:00 am-5:00 pm, with a one-hour lunch break.
Pay rate: $17.00/hour
Department: IT Cybersecurity
As an HBG IT Cybersecurity intern, you will work closely with cybersecurity, infrastructure, and IT operations professionals and gain hands-on experience in how a security program is run in a real enterprise environment. You will own a defined, time-bound project focused on building a comprehensive cybersecurity risk ledger, and you will attend team meetings to understand how security decisions are made, tracked, and communicated.
This hybrid summer internship from NYC will support the IT Cybersecurity department by helping establish a consistent, actionable view of cybersecurity risk across key domains, including identity and access, endpoint security, vulnerability management, logging and monitoring, backup and recovery, cloud security, and third-party risk. We are looking for a motivated individual who is eager to learn how cybersecurity risk, compliance, and operational security work together to protect the business.
To enhance your work experience, we offer educational sessions featuring speakers from across the company, as well as networking and career development opportunities.
Who you are:
• Interested in exploring a career in cybersecurity, risk management, governance, or compliance.
• Strong interpersonal, verbal, and written communication skills, able to write clear risk statements and status updates.
• Organized and detail-oriented, comfortable working with structured data and documentation.
• Curious and coachable, willing to ask questions, take feedback, and follow defined processes.
• Able to work collaboratively with a team and coordinate with subject matter experts across IT.
• Comfortable handling sensitive information with discretion and professionalism.
• Able to balance multiple priorities and meet deadlines for project milestones.
• Proficient in MS Excel, Word, and PowerPoint.
• Interested in exploring a career in cybersecurity, risk management, governance, or compliance.
• Strong interpersonal, verbal, and written communication skills, able to write clear risk statements and status updates.
• Organized and detail-oriented, comfortable working with structured data and documentation.
• Curious and coachable, willing to ask questions, take feedback, and follow defined processes.
• Able to work collaboratively with a team and coordinate with subject matter experts across IT.
• Comfortable handling sensitive information with discretion and professionalism.
• Able to balance multiple priorities and meet deadlines for project milestones.
• Proficient in MS Excel, Word, and PowerPoint.
What you will learn:
• How to document cybersecurity risks in a consistent format, including cause, event, and business impact.
• How to evaluate and score risk using defined likelihood and impact criteria.
• How to map risks to control gaps, existing controls, and mitigation plans, including owners and due dates.
• How compliance and audit readiness connect to operational security work and evidence tracking.
• How to build executive-ready reporting that highlights top risks, trends, overdue actions, and decisions needed.
• How a monthly risk governance cadence works, including risk acceptance, prioritization, and tracking to closure.
• How to collaborate with IT teams to validate technical facts, dependencies, and realistic remediation timelines.
• How to document cybersecurity risks in a consistent format, including cause, event, and business impact.
• How to evaluate and score risk using defined likelihood and impact criteria.
• How to map risks to control gaps, existing controls, and mitigation plans, including owners and due dates.
• How compliance and audit readiness connect to operational security work and evidence tracking.
• How to build executive-ready reporting that highlights top risks, trends, overdue actions, and decisions needed.
• How a monthly risk governance cadence works, including risk acceptance, prioritization, and tracking to closure.
• How to collaborate with IT teams to validate technical facts, dependencies, and realistic remediation timelines.
How to apply:
To be considered, all candidates must submit both a resume and a cover letter.
As a leading book publisher, we believe that including and representing diverse voices in all aspects of our business is fundamental to what we do. Our programs must reflect the broad range of backgrounds, experiences, political views, and ideas that shape our society and publish books for all readers.
Hachette Book Group provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin,