You will be the "guardian of the framework." You will help turn our security activities into a structured, audit-ready program, focusing heavily on Governance, Risk, and Compliance (GRC).

Key Responsibilities

1. Compliance & Audit Readiness (NIS2 & PCI-DSS)

* Assist in the NIS2 compliance project by helping map our current measures against essential entity obligations.
* Support PCI-DSS oversight by collecting evidence (screenshots, logs, configs) and organizing it for external auditors.
* Help manage our continuous compliance platforms (e.g., assisting with Vanta-driven workflows) to ensure we are always audit-ready.

2. Policy Framework & Documentation

* Act as the librarian for our security knowledge. You will help centralize, format, and update our Security Policy Framework to ensure it is accessible to all employees.
* Work on internal audit preparation by ensuring all procedures (from onboarding to incident response) are written down and up to date.
* Assist in documenting security KPIs and preparing reports for leadership.

3. Vendor & Third-Party Risk Management

* Take ownership of the vendor security due diligence process. You will send out security questionnaires to new tools/partners and review their answers.
* Maintain our register of third-party risk assessments and ensure contractual security clauses are tracked.

4. Operational Support

* Assist the Senior Engineer in tracking vulnerability remediation by following up with developers to ensure tickets are closed on time.
* Help organize security awareness campaigns (phishing simulations, training sessions) to strengthen our internal security culture.