Security Engineer - Governance, Risk and Compliance

We are looking for a motivated Security Intern to join our Security team. You'll get hands-on experience assisting with SOC 2 and ISO 27001 audits, monitoring compliance, and supporting daily security tasks. This role is perfect for a current student or recent grad in IT/Computer Science with strong English communication and a passion for learning about the fintech/blockchain industry.

What you'll be doing:

Audit Support

Assist in preparing for external compliance audits including

Understand auditor’s requests and inquiries

Prepare evidences and documentation that satisfy auditor’s inquiry

In-scope compliance standards include: SOC 2, ISO 27001, MAS TRMG

Compliance Monitoring

Stay aware of compliance obligations and recurring tasks throughout the year / audit period and coordinate with internal teams to ensure timely completion

E.g. Penetration test, incident response test, disaster recovery test schedule

Collect sufficient artefacts of the above activities to be used to demonstrate compliance

Operate and maintain GRC automation platform

BAU GRC Tasks

Assist in maintaining GRC documentation and reporting (e.g. security policies and procedures, risk registers, risk report, etc.)

Conduct periodic user access review, security configuration baseline review, third party risk assessment, internal audit, security awareness training and phishing campaign, etc.

What we're looking for:

Preferably an undergraduate Bachelor’s degree in Management Information System, Information Technology, Computer Science, related discipline or equivalent combination of education and experience.

Probably (not mandatory) have relevant experience managing IT audits, risk and compliance preferably within the start-up sector or Bank, Fintech organization;

Effectively communicate technical issues to diverse audiences, both in writing and verbally (Vietnamese and English);

Learn quickly and apply knowledge to new situations;

Handle sensitive and confidential matters, situations, and data;

Work independently and prioritize multiple tasks and adapt to needed changes;

Remain calm under high pressure/difficult situations;

Experience with cloud security controls would be an asset.

Advanced understanding and/or experience working in a Cryptocurrency/Blockchain/Fintech/Finance Trading domain preferred

What’s in it for you:

Hands-on experience across multiple cybersecurity domains

Mentorship from experienced security professionals

Exposure to enterprise-grade security tools and technologies

Opportunity to participate in real security operations and projects

Potential pathway to full-time employment based on performance

Flexible schedule to accommodate academic commitments

Duration 3-6 months, with possibility of extension based on performance and mutual agreement.

Find out more about Coinhako here https://www.coinhako.com/ and don't forget to visit our Careers Page https://www.coinhako.com/join-us

By submitting your application to us, you consent to the collection, use, disclosure and processing of your personal data in accordance with our privacy policy, which is accessible at https://www.coinhako.com/legal/sg-1/privacy_policy.