Security Operations Intern

As Marqetas Security Operations Intern you will gain hands-on experience building and validating security operations capabilities for a publicly traded payments technology company. Youll join the Security Operations and Response team within the Product and Infrastructure Security organization where youll validate and formalize incident response procedures develop SOAR-based runbook automations and design tabletop exercises that test our operational readiness against real-world threat scenarios. This role is grounded in security operations fundamentalsprocedure development incident response methodology and team coordinationwith opportunities for exposure to detection engineering and automation workflows.

We work Flexible First. This role can be performed remotely anywhere within Ontario or British Columbia Canada. Wed love for you to join us!

This will be a 12 week internship program beginning on June 1st and running through August 21st 2026.

This position is not for an existing vacancy.

The Impact Youll Have

• Validate and formalize incident response procedures aligned to Marqetas Cybersecurity Incident Response Plan (CIRP) ensuring documentation is accurate current and actionable for both human operators and AI-assisted workflows
• Develop SOAR runbook automations in Cortex XSOAR that operationalize validated procedures translating human-readable response steps into repeatable automated workflows
• Design and facilitate a series of tabletop exercises within the Security organization that test procedure effectiveness team coordination and escalation paths across security functions including Security Operations Compliance/TPRM and Identity
• Contribute to post-exercise improvement reports that drive measurable enhancements to Marqetas security posture and operational readiness
• Gain exposure to detection engineering and automation workflows including opportunities to observe and contribute to the teams detections-as-code pipeline and MITRE ATT&CK coverage mapping

Who You Are

• Currently pursuing a Bachelors or Masters degree in Cybersecurity Computer Science Information Systems or a related field with an expected graduation date between December 2025 and June 2027
• Foundational knowledge of security operations concepts including log analysis intrusion detection incident response lifecycles (NIST or similar) and common attack techniques
• Familiarity with at least one scripting or programming language (Python Bash or similar) and comfort working in Linux and cloud environments (AWS preferred)
• Strong written communication skills with the ability to translate technical processes into clear structured documentation suitable for both operational use and executive audiences
• Interest in incident response methodology security procedure development and operational readinessyou care about how security teams actually execute under pressure
• A proactive detail-oriented approach to problem-solving with the ability to work independently while knowing when to escalate or ask for guidance

Nice-To-Haves

• Relevant certifications or coursework such as CompTIA Security CySA BTL1 or GIAC certifications
• Experience with SOAR platforms (Cortex XSOAR Tines or similar) SIEM platforms or EDR tools
• Prior internship co-op or project experience in a security operations center (SOC) or incident response context
• Understanding of or interest in the MITRE ATT&CK framework and how it applies to detection and response operations
• Exposure to compliance frameworks relevant to financial services such as PCI DSS
• Experience facilitating exercises workshops or structured reviews in any context

Typical Process

• Application Submission
• Recruiter Video Call
• Hiring Manager Video Call
• Final Round consisting ofmin calls
• Offer!

At this point we hope youre feeling excited about the role. Youre encouraged to apply even if your experience doesnt precisely match the job description. Your skills and passion will stand outand set you apartespecially if your career has taken some extraordinary twists and turns. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates so again dont hesitate to apply wed love to hear from you.

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment whether that be from home or at a company office. To support Flex First we calibrate pay to a competitive value according to working location.

When determining pay we consider several factors including but not limited to skills prior experience and work location. The 2026 Internship hourly rate reflected in CAD is: 37/hr

Along with monetary compensation Marqeta offers

For Interns:

• Paid Holidays
• A Remote Flex First Environment
• A Mentor and Intern Buddy
• Real Life Projects

For Full Time Employees:

• Multiple health insurance options
• Flexible vacation time
• Retirement savings program with company contribution
• Equity in a publicly-traded company
• Monthly stipend to support our remote work model
• Annual development dollars to support our people growth and development
• Family-forming benefits and up to 20 weeks of Parental Leave