Roku is changing how the world watches TV
Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers.
From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines.
About this area
Roku’s Trust team is responsible for protecting the company’s products, infrastructure, and data from security threats. The team works across Governance, Risk & Compliance (GRC) and Security Operations (SecOps) to ensure security policies are followed, risks are managed, and threats are detected and mitigated.
Through a combination of monitoring, automation, and compliance frameworks, the team helps secure Roku’s global platform and maintain strong security standards across the organisation.
About the role
We are looking for a motivated Cyber Security Intern to join our Trust team and gain hands‑on experience across Security Operations (SecOps) and Governance, Risk & Compliance (GRC). We offer a paid 12‑week internship, starting in Summer 2026.
This role will have a 60/40 split between time spent in GRC & Sec Ops.
You will work alongside experienced risk specialists and security engineers to monitor, structure and standardise documentation within GRC. As well as monitor systems, investigate security events, and support the implementation of security controls and governance frameworks. This internship offers exposure to a real understanding of the associated risks within technology and its systems, platforms and tools. Alongside, real‑world cybersecurity challenges while developing practical technical, analytical, and risk management skills.
What you’ll be doing
A Privacy Engineer Internis needed tosupport thefollowing functions withinTrust:
Governance Risk and Compliance (GRC) 60% Allocation of time
* The intern’s work is to helpmaintaincompliance with security policies and regulationsby reviewing Roku’s current internal repositories
* Support the security governance documentation across the intranet ensuring it isaccurateand up to date via the maintenance of cohesive and organised libraries
* Support the implementation ofwider compliancepolicies and guidelinesacross Rokuby aligning to a standardised process
* Assistwith security awareness training programsassisting the current SME
* Contribute to compliance research and reporting
SecurityOperations (SecOps), which monitors activity for threats using SIEM tools, and helps highlight improvements to security controls. 40% Allocation of time
* The Intern’s work on vulnerability assessments, malware analysis, and script development (e.g., Python) to automate security tasks whileassistingseniorengineers.
* SupportVulnerability management efforts & remediation acrossCorporate end points & Cloud systems (Azure, AWS, GCP etc...)
* AssistinThreat Hunting & Investigations by querying systems & logs( XQL, KQL,SQL etc...)
* Support Security Compliance Audit checks & Highlight Policy Gaps using technical assessments & evidence working alongside GRC & other functions.
What you’ll be doing
* You will be tasked at the end of the 12 week program with creating an ISM deliverable to include an assessment of the internal documentation which is aligned to industry specific standards such as ISO and NIST.
* The ISM will clearly set out the business justification and rationale for the internal re‑organisation of the policies, process and procedures within the artefact environment at Roku.
* Identification of workflows/ diagrams detailing baseline standards including RACIs to demonstrate a catalogue of the internal documentation belonging to Roku.
We’re excited if you have
* Currently pursuing a degree in Project Management, Lean Six Sigma, Process Engineer Certification, Computer Science, Cyber Security, Information Security, Electrical Engineering, or a related field due to graduate in Dec 2026 or later.
* Technical Skills: Basic understanding of networking protocols, operating systems (Windows/Mac/Linux), and security concepts. As well as:
* Strong analytical and problem-solving abilities
* Excellent written and verbal communication skills
* Detail orientated with strong documentation skills
* Ability to work effectively in a team environment
* Programming: Understanding with languages such as XQL, KQL, SQL, Python or others similar.
* Mindset: Strong analytical, troubleshooting, and problem-solving skills.
* Passion: Strong interest in cybersecurity trends and risk compliance
Our Hybrid Work Approach
Roku fosters an inclusive and collaborative environment where teams work in the office Monday through Thursday. Fridays are flexible for remote work except for employees whose roles are required to be in the office five days a week or employees who are in offices with a five day in office policy.
Benefits
Roku is committed to offering a diverse range of benefits as part of our compensation package to support our employees and their families. Our comprehensive benefits include global access to mental health and financial wellness support and resources. Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension). Our employees can take time off work for vacation and other personal reasons to balance their evolving work and life needs. It's important to note that not every benefit is available in all locations or for every role. For details specific to your location, please consult with your recruiter.
#J-18808-Ljbffr