Octave is looking for an Information Security & GRC Intern to help strengthen the security posture of our software ecosystem. This role provides exposure to both Application Security (AppSec) and Governance, Risk & Compliance (GRC) duties, supporting our secure-by-design engineering program.
What You'll Do
- Review and triage static (SAST) and software composition analysis (SCA) scan findings, validating issues and collaborating with development teams on remediation.
- Participate in secure design discussions and support application security proof-of-concept evaluations under the guidance of senior AppSec engineers.
- Assist in enhancing SDLC security activities and tracking vulnerability remediation progress.
- Help maintain and update security policies, standards, and procedural documentation.
- Review and help process exceptions to security standards, ensuring risks are documented and mitigation actions are captured.
- Assist in internal and external audit preparation, collecting evidence to demonstrate control effectiveness.
- Support compliance activities for frameworks such as ISO 27001, ISO9001, ISO42001, SOC2, etc. including documentation gathering and follow-ups on mitigation actions.
What We're Looking For
- Currently pursuing a degree in Cybersecurity, Computer Science, Information Security, or a related field.
- Strong written and verbal communication skills, with the ability to collaborate across cross-functional teams.
- Organized with strong attention to detail and ability to manage multiple tasks simultaneously.
Nice to Have
- Foundational understanding of information security principles, compliance frameworks (ISO 27001, SOC 2, NIST CSF), and risk management concepts.
- Familiarity with SAST/SCA tools (e.g., GitHub Advanced Security, Snyk, Checkmarx).
- Basic scripting or automation experience (Python, PowerShell, or similar).
- Understanding of OWASP Top 10, secure coding practices, or common application vulnerabilities.
Technical Stack
- SAST/SCA tools (e.g., GitHub Advanced Security, Snyk, Checkmarx)
- Python
- PowerShell
Benefits & Compensation
- Real-world experience working with application security and GRC programs at scale.
- Exposure to secure-by-design engineering workflows, risk assessments, and enterprise assurance programs.
- Mentorship from senior Information Security, Compliance, and AppSec professionals.
- Experience supporting audit readiness, vulnerability management, and policy governance across a global product portfolio.
Work Mode
This is a global position.
At Octave, we are all in. always forward. We put trust in our people to unleash potential, bring ideas to life, and keep moving ahead. We are committed to creating a truly supportive environment. Diverse and inclusive teams are critical to our success. Everyone is welcome. We embrace differences and are fully committed to creating equal opportunities, an inclusive environment, and fairness for all. Respect is the cornerstone of how we operate.
