Trainee Information Security Governance

Internship Opportunity
Information Security Governance & Cybersecurity Strategy
Location: Zaventem Belgium
Duration: 36 months (flexible)

April 2027
Department: Information Security Governance (ISG)

About the Internship
We are offering internship opportunities within our Information Security Governance team. The internship focuses on governance compliance cloud security AI integration and emerging cybersecurity technologies.
Interns will work on strategic and technical security topics combining research solution design comparison studies automation development and governance framework implementation.
The internship is designed for students in Cybersecurity IT Computer Science Engineering or related fields.

Internship Topics (Non-Exhaustive List)

1. Microsoft Security Copilot
Effective use of Security Copilot for incident response
Integration with SIEM solutions (e.g. Splunk)
Secure configuration and governance of Copilot usage
Audit frameworks to assess maturity and security level

2. CISO Assistant & Governance 2.0
Designing governance and compliance strategies
Configuring AI-assisted governance models
Leveraging AI (ChatGPT or others) for next-generation compliance management

3. Development of Automated O365 / Azure / AWS Audit Tools
Comparison of existing market solutions (CIS MS DSC ISO standards)
Using Microsoft Graph APIs connectors for automation
Continuous monitoring models (Audit as a Service / Hardening as a Service)

4. Microsoft Priva (GRC / ISG)
Defining a deployment strategy
Designing a data protection monitoring service
AI integration for proactive governance

5. OT Security Market Comparison
(Armis Defender for OT Nozomi Trend Micro)
Market comparison (pros/cons)
Security assessment of OT devices
Hardening and mitigation strategy implementation

6. (I)IoT Device Security
Vulnerability assessments
Market comparison (Armis Pentera others)
Hardening best practices and mitigation techniques

7. Identity & Access Management (IAM)
Market analysis of centralized access management solutions
Leveraging PAM solutions (Wallix and others)
IAG integration and access review optimization

8. Access Management Tool Comparison
Saporo vs open-source tools (PingCastle BloodHound others)
Capabilities assessment (methodology strengths weaknesses)
Service-oriented access review model

9. Phishing & Social Engineering Campaigns
Market solution analysis (phishing smishing vishing)
Designing Phishing as a Service models
Risk awareness and measurement frameworks

10. DLP Technologies
(Varonis Netskope Microsoft Purview others)
Comparative analysis
Governance and technical implementation approach

11. Secure Deployment of Local AI (ChatGPT-type models)
Secure configuration and sandboxing
Network exposure analysis
Data exfiltration risks
Risk mitigation strategies

12. Compliance Automation
Automating compliance checks (GDPR HIPAA PCI-DSS)
Cloud security compliance scripting
AI-assisted compliance validation

13. Sector-Specific Security Architecture
Complete security analysis for specific environments (hospitals water supply transport etc.)
Technical constraints analysis (e.g. shared workstations operational environments budget limitations)
Interconnection between tools and governance layers

Profile Required
Masters student or final-year Bachelor in Cybersecurity IT Engineering or related field
Strong interest in Governance Risk & Compliance (GRC)
Analytical mindset with structured thinking
Ability to compare tools and define strategic recommendations
Autonomous proactive and research-driven
Programming/scripting skills are a plus (PowerShell Python APIs etc.)

Language Skills
Fluent French and/or Dutch (mandatory)
Professional English required

What We Offer
Exposure to real governance and enterprise security environments
Strategic and technical hands-on experience
Mentorship from senior security professionals
Possibility to develop a deployable service or automation framework
Opportunity to contribute to innovation projects (AI & Governance)

Important Note
The topics listed above represent a preliminary and non-exhaustive set of ideas.

We strongly encourage students to propose their own internship subjects particularly those aligned with emerging cybersecurity trends AI integration automation or innovative governance approaches.

Thales entreprise Handi-Engagée reconnait tous les talents. La diversité est notre meilleur atout. Postulez et rejoignez nous !