Information Security Compliance Intern

Sprinto is an AI-native GRC platform that helps organisations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, Sprinto combines scale with expertise to deliver trust and compliance. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve raised $31.8M in funding to fuel our mission. Trusted by leading organisations including Whatfix, Anaconda, Ultrahuman, WeWork, AI Foundation, and HackerRank, Sprinto supports 300+ integrations and 200+ global security standards, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS.

 

Founded in 2020 by second-time entrepreneurs Girish Redekar and Raghuveer Kancherla, Sprinto is recognised as a Leader on G2 in Compliance Automation and has been named a LinkedIn Top Startup multiple years in a row.

 

At Sprinto, your work has purpose — and your life has space. We are a workplace where you’re empowered to execute on your most ambitious ideas and deliver your best output in a fast-paced, innovative, and supportive environment.

 

Joining Sprinto means you will never run alone; you will always have the freedom to take your shot and the support to go farther than you imagined.

 

The Audit Experience function manages Sprinto’s relationship with its audit partner ecosystem. This role offers a structured pathway to building genuine subject matter expertise in GRC and audit — not just theoretical familiarity, but the kind of depth that comes from working directly alongside an SME on real programs. The intern will engage hands-on with compliance frameworks like SOC 2 and ISO 27001, audit partner lifecycle management, and the product-led GRC environment that Sprinto operates in.

This role is designed for someone who wants to develop into a domain expert in GRC and audit — you’ll build deep working knowledge of how audit programs function, how compliance controls are evaluated, and how information and cybersecurity requirements translate into real audit expectations. Day-to-day program support provides the applied context that accelerates this learning, grounding abstract frameworks in live, operational decisions.