Internship - Security Assurance (For candidates who are available from Jan - Jun 2020 only)
About Grab
Grab is Southeast Asia's Leading Online to Offline (O2O) mobile platform. Grab is the region's everyday super app that provides services that matter the most to consumers. Through its open platform strategy, Grab works with partners to provide safe, accessible and affordable transport, food, package, grocery delivery, mobile payment and financial services to millions of Southeast Asians. Grab aims to create 100 million micro-entrepreneurs through its ecosystems.
We are currently looking to hire an intern for our team due to business expansion. Grab is currently expanding and at its optimal business cycle and this would be the best and exciting time to join us!
About the Team
The Information Security Intern is responsible for assisting the compliance and security leads with Grab’s information security program.
Here, we manage Third Party Risk, establish and implement Grab’s Vendor Security Policy and framework for Grab Taxi and Grab Financial Group. In addition, we review new and legacy third-party arrangements for information security risks, monitor and provide recommendations on risk mitigation controls. We also conduct annual reviews of all vendors and engagements with "Critical" and "High" risks, help support internal, customer, and regulatory vendor risk related inquiries and audits, and conduct and manage CE BPO on-boarding and annual reviews.
Join our team and learn about new trends in Third Party risk management and how this represents a significant part of the risk management process but, unfortunately, it’s often steered clear of. You will also get an idea on how we try to mitigate vendor risks at an acceptable level.
Duties and Responsibilities
Help security assurance team with conducting information security risk assessments to evaluate information systems, programs and procedures
Standardise documentation to support various audit and assessments such as policies and procedures, and diagrams
Perform internal/external compliance audits against institutionally accepted security controls e.g. ISO 27001/27002, PCI DSS, SSAE 18/SOC 1/2/3, etc
Assist in evaluating, documenting and managing third party information security risks
Assistance with the deployment and upkeep of the information security department’s website content Assist training and awareness activities
Experience with JIRA, Wiki, etc
Learning Objectives
Learn about compliance of implemented Grab’s information security controls
Learn about supporting various audit and assessments and drafting policies and procedures, and diagrams
Learn about performing internal/external compliance audits against institutionally accepted security controls e.g. ISO 27001/27002, PCI DSS, SSAE 18/SOC 1/2/3, etc
Requirements
Only for candidates who are available from Jan - Jun 2020
Undergraduate or Postgraduate in Information Security
Strong research, analytical, and problem solving skills
Potential candidates should have good communication and computer skills such as knowledge and experience using the Microsoft suite of products (MS Excel, Word, PowerPoint, etc.)
Team players who are motivated to work in a fast-paced environment
Preference given to students enrolled with a concentration in Information Technology, Information Security or majoring in Computer Science
*Please head to *career page link* for application. Please note that only shortlisted candidates will be contacted for interviews.
Grab Vietnam