Cybersecurity GRC Intern

Job Description Job Description: About C&R Software: C&R Software (www.crsoftware.com) provides expertise in Credit Risk Management domain and delivers optimized SaaS (AWS) based solutions across the Collections & Recovery lifecycle, empowering organizations to manage their end-to-end collections operation more effectively and compliantly. We have been in the industry for 40 years. We operate out of 16 countries and our customers are based out of 60 countries across the globe. Our Vision is to Humanize Collections and our Values are Diversity, Simplicity, Respect, Bravery, and Responsibility. Position Description Intern Job description: A Security GRC (Governance, Risk, and Compliance) intern assist the company's cybersecurity and compliance programs by assisting with risk assessments, policy development, and internal/external customer audits.Key responsibilities include helping with documentation, performing gap analyses against standards like ISO 27001, and using GRC tools for tracking and reporting of remediation.The role involves collaboration with engineering, IT, legal, and audit teams to ensure adherence to policies and to help improve the organization's risk posture. Role / Responsibilities: Qualified candidates are being considered for Internship at C&R Software, India. These candidates possess a strong educational background in Cybersecurity, Computer Engineering or Computer Science and are expected to work on small to medium-scale cybersecurity practices. - Assist with conducting and documenting risk assessments and third-party vendor risk assessments.Help with tracking and monitoring compliance with security policies and customer requirements. - Assist the development and update of security policies, standards, and procedures.Gather documentation and maintain records for compliance initiatives. - Assist with internal and external audits, assessments, customer questionnaires, remediation and help monitor security controls.Support the execution of control reviews and provide input for improving control effectiveness. - Use GRC tools to help streamline reporting and manage risks.Assist in tracking key performance indicators (KPIs) and key risk indicators (KRIs). - Work with engineering, operations, and other business units to integrate security and compliance into their work.Support security awareness and training initiatives in the organization. - Collaborate with engineering teams to ensure projects meet security standards from the outset. - Assist with implementing and maintaining security controls and protocols. - Assist the deployment of new security technologies and processes for risk detection and response. - Help with incident management, business continuity and disaster recovery efforts, which often involves close coordination with technical teams. Essential Technical Skills - An understanding of cloud environments, their shared responsibility models, and built-in security tools is critical. - Platforms:AWS, Azure, or Google Cloud (GCP). - Automation and Scripting:The ability to automate tasks is a hallmark of GRC. - Scripting:Proficiency in scripting languages like Python, PowerShell, or Bash for automating evidence collection, monitoring, and reporting. - Basic understanding of security tools DLP, Email security, Active Directory, SIEM etc Skills / Education Requirements: - Undergraduate / Graduate in Computer Science or Computer Applications such as B. Sc. / B.C.A. / B. Tech. / B. E. / M. Sc. / M. Tech. / M. E. / M.C.A. - Good technical aptitude to understand & use different technologies - Basic Knowledge of cybersecurity practices and high-level framework ISO 27001, PCI, SOC, NIST - Pursuing relevant certifications (CompTIA Security+,ISC CC) - Hands-on lab experience (TryHackMe, Hack the Box, cloud labs) - Volunteer GRC work or relevant project experience - Knowledge of Database Query Tools / Technologies such as SQL / PL-SQL etc. preferred - Good Knowledge of UI programming concepts/languages such as Angular, Java etc. preferred - Familiarity with diverse AI platforms, applications, and specialized tools - Knowledge of various LLMs, their capabilities, limitations, and optimal use cases - Understanding of autonomous AI systems & agent-based artificial intelligence solutions - Strong analytical thinking - Good communication skills including verbal and writing skills What You'll Gain - Real-world experience in modern GRC automation practices - Exposure to enterprise security tools and cloud platforms - Mentorship in automation and technical risk management - Opportunity to contribute to meaningful compliance and security initiatives - Exposure to work with all stakeholders from technical to executives Business Unit: Jonas Collections and Recovery - India Scheduled Weekly Hours: 40 Number of Openings Available: 2 Worker Type: Student (Fixed Term) (Trainee) More About Jonas Software: Jonas Software is the leading provider of enterprise management software solutions to the Country and Golf Clubs, Foodservice, Construction, Fitness & Sports, Attractions, Salon & Spa, Education, Radiology/Laboratory Information Systems, and Product Licensing industries. Within these vertical markets, Jonas is made up of over 65 distinct brands, which are respected and leaders within their own domain. Jonas vision is to be the branded global leader across the aforementioned vertical markets and to be recognized by customers and respective industry stakeholders as the trusted provider of Software for Life and as an ambassador for technology, product innovation, quality, and customer service. Jonas Software is the valued technology partner of over 60,000 customers worldwide in more than 30 countries. Jonas employs over 2,000 skilled individuals consisting of a cross-section of industry experts and technology professionals. Jonas is headquartered in Canada and also operates offices throughout North America, the United Kingdom, Europe, Australia New Zealand and Africa. Jonas is a 100% owned subsidiary of Constellation Software Inc., headquartered in Toronto and traded on the S&P/TSX 60.