Security Engineer - Governance, Risk and Compliance

We are looking for a motivated Security Intern to join our Security team. You'll get hands-on experience assisting with SOC 2 and ISO 27001 audits, monitoring compliance, and supporting daily security tasks. This role is perfect for a current student or recent grad in IT/Computer Science with strong English communication and a passion for learning about the fintech/blockchain industry.

What you'll be doing:

• Audit Support

  • Assist in preparing for external compliance audits including

  • Understand auditor’s requests and inquiries

  • Prepare evidences and documentation that satisfy auditor’s inquiry

  • In-scope compliance standards include: SOC 2, ISO 27001, MAS TRMG

• Compliance Monitoring

  • Stay aware of compliance obligations and recurring tasks throughout the year / audit period and coordinate with internal teams to ensure timely completion

  • E.g. Penetration test, incident response test, disaster recovery test schedule

  • Collect sufficient artefacts of the above activities to be used to demonstrate compliance

  • Operate and maintain GRC automation platform

• BAU GRC Tasks

  • Assist in maintaining GRC documentation and reporting (e.g. security policies and procedures, risk registers, risk report, etc.)

  • Conduct periodic user access review, security configuration baseline review, third party risk assessment, internal audit, security awareness training and phishing campaign, etc. 

What we're looking for:

• Preferably an undergraduate Bachelor’s degree in Management Information System, Information Technology, Computer Science, related discipline or equivalent combination of education and experience.

• Probably (not mandatory) have relevant experience managing IT audits, risk and compliance preferably within the start-up sector or Bank, Fintech organization;

• Effectively communicate technical issues to diverse audiences, both in writing and verbally (Vietnamese and English);

• Learn quickly and apply knowledge to new situations;

• Handle sensitive and confidential matters, situations, and data;

• Work independently and prioritize multiple tasks and adapt to needed changes;

• Remain calm under high pressure/difficult situations;

• Experience with cloud security controls would be an asset.

• Advanced understanding and/or experience working in a Cryptocurrency/Blockchain/Fintech/Finance Trading domain preferred

What’s in it for you:

• Hands-on experience across multiple cybersecurity domains

• Mentorship from experienced security professionals

• Exposure to enterprise-grade security tools and technologies

• Opportunity to participate in real security operations and projects

• Potential pathway to full-time employment based on performance

• Flexible schedule to accommodate academic commitments

Duration 3-6 months, with possibility of extension based on performance and mutual agreement.

Find out more about Coinhako here https://www.coinhako.com/ and don't forget to visit our Careers Page https://www.coinhako.com/join-us

By submitting your application to us, you consent to the collection, use, disclosure and processing of your personal data in accordance with our privacy policy, which is accessible at https://www.coinhako.com/legal/sg-1/privacy_policy.