Risk Management and GRC Internship

You will work across multiple GRC areas, helping ensure that our policies, processes, and documentation are accurate, up to date, and aligned with industry standards.

What You’ll Work On

• Managing compliance evidence and documentation in the Drata platform.

• Supporting privacy governance tasks such as ROPA updates, DPIA registers, and DSAR logs.

• Maintaining the operational risk register and tracking audit or testing issues.

• Contributing to AI governance by maintaining the AI system inventory and 
  supporting impact assessments. 

• Assisting with policy drafting aligned with frameworks such as ISO/IEC 42001 and the NIST AI Risk Management Framework.

• Enrollment in a relevant final-year Bachelor’s or postgraduate program (e.g., Cybersecurity, Risk Management, Law, ESG, or Compliance).

• Interest or knowledge in frameworks such as ISO 27001, GDPR, SOC 2, or ISO 31000.

• Strong organizational skills and attention to detail.

• Good documentation and communication skills in English.

• Interest in governance, risk, compliance, and emerging topics such as AI governance.

• Work on key GRC initiatives, including SOC 2 Type 2 and AI governance.

• Gain hands-on experience with compliance tools and frameworks.

• Contribute to real business processes and documentation used across the company.

• Collaborate with a specialized team and gain insight into cybersecurity and risk governance practices.

• Be part of a friendly, international, and purpose-driven company. 

• Weekly in-office moments to collaborate with the team. 

• Receive a monthly internship compensation, depending on the number of 
  working hours per week.

• Weekly in-office moments to collaborate with the team.