Support the ISO 27001:2022 certification effort: coordinate evidence collection, draft missing policies, and track the remediation plan across Engineering, HR, and Legal teams
Contribute to information security risk management: maintain the risk register, track risk treatments, and flag deviations to the Head of Security
Handle client security questionnaires and due diligence requests independently, building and maintaining a response library over time
Participate in security operations activities: vulnerability tracking, security reviews, and incident response support
Contribute to fraud analysis efforts where relevant: investigate suspicious patterns and support detection and response workflows

Final-year internship: currently pursuing a Master’s degree in Cybersecurity or Information Systems
Some knowledge of ISO/IEC 27001, even if theoretical, and a genuine interest in GRC
Hands-on mindset: you like to figure things out, aren’t afraid to dive into technical topics, and don’t wait to be told what to do
Broad curiosity: you want exposure to fraud, application security, risk management, and compliance—not just a single area
Analytical profile: comfortable working with data; experience identifying patterns and drawing conclusions is a plus for fraud-related tasks
Strong interpersonal skills: able to engage with technical teams and extract the right information
Fluent in English

Onboarding: spend your first week learning about our culture, products, and services with other new hires at our office in Paris
Paid vacation: interns accrue 1 paid day per month worked; apprenticeships receive 5 weeks per year
Lunch vouchers: €9/day loaded to your Swile card
Transportation: 50% reimbursement (any type of transport)
Free books: request books relevant to our business and we’ll order them for you—no questions or approval processes required
Remote work: hybrid remote policy
Annual team-building events

Cybersecurity, GRC Internship

Key skills