CFG Merchant Solutions→
2026 Risk Management Internship
InternshipOn-site
Location
New York, NY
Salary
$52k–$62k/yr
Experience
No experience required
Posted
Today
Skills
risk managementcompliancesoc 2 trust services criteriaenterprise risk management (erm)risk assessmentrisk treatmentrisk register managementrisk scoring methodologiesrisk escalationvantacybersecurityauditinganalytical mindsettask management
Job Description
Summary: CFG Merchant Solutions, LLC is a rapidly growing alternative finance company that provides working capital to small and medium-sized businesses throughout the US. They are seeking a motivated and detail-oriented Risk Management & Compliance Intern to help design and operationalize their risk management strategy and framework, focusing on building a scalable risk program aligned with SOC 2 Trust Services Criteria.
Responsibilities:
- Assist in designing and documenting an enterprise risk management (ERM) framework aligned with SOC 2 requirements
- Support the creation and maintenance of a risk register, including risk identification, assessment, treatment, and tracking
- Map risks to SOC 2 Trust Services Criteria and related controls
- Configure and maintain risks, controls, and evidence workflows within Vanta
- Help define risk scoring methodologies, risk acceptance criteria, and escalation thresholds
- Collaborate with security, IT, engineering, and business stakeholders to gather risk and control inputs
- Support preparation for SOC 2 audits by ensuring risks and controls are clearly documented and supported by evidence
- Create clear documentation, diagrams, and summaries to communicate risk posture and framework design
- Identify opportunities to streamline or automate risk and compliance processes within Vanta
Required Qualifications:
- Recently graduated (or graduating soon) with a degree in Information Security, Cybersecurity, Information Systems, Computer Science, Risk Management, Business, or a related field
- Strong interest in security, risk management, compliance, or auditing
- Analytical mindset with attention to detail
- Strong written and verbal communication skills
- Comfortable working with documentation, spreadsheets, and structured data
- Ability to manage tasks independently and meet deadlines
Required Skills: Risk Management, Compliance, SOC 2 Trust Services Criteria, Enterprise Risk Management (ERM), Risk Assessment, Risk Treatment, Risk Register Management, Risk Scoring Methodologies, Risk Escalation, Vanta, Cybersecurity, Auditing, Analytical mindset, Task management
Internship Start Date: Start in 2026