About PureFacts
PureFacts is a global leader in revenue management, client reporting, and data-driven solutions for the wealth and asset management industry. Our mission is to empower financial services firms with smarter technology that increases revenue, reduces risk, and improves client transparency.
We’re a purpose-driven organization committed to making a difference—both in financial services and in the communities we serve. At PureFacts, innovation, integrity, and impact are at the heart of everything we do.
About the role
Information Security & Compliance Internship
The Information Security and Compliance team at PureFacts plays a critical role in ensuring that our organization meets the highest standards of regulatory compliance and information security across a fast-growing, global WealthTech organization. We are seeking an enthusiastic and proactive Information Security & Compliance Intern to join our team onsite in our Lisbon office. This role provides a fantastic opportunity to gain hands-on experience in compliance frameworks, audit support, risk management, and security operations.
Your responsibilities might include activities such as:
Compliance & Audit Support
·Assist with the execution of annual SOC 1 and SOC 2 audits, including evidence collection, control testing, and remediation tracking.
·Support compliance initiatives aligned with ISO 27001, CIS Benchmarks, GDPR, and other regulatory requirements.
·Help maintain and update documentation for security policies, procedures, and compliance reports.
·Assist in tracking remediation efforts and ensuring timely closure of compliance findings.
·Contribute to the preparation of compliance reports and dashboards for internal stakeholders.
·Support the review and continuous improvement of internal controls and governance processes.
Risk Management & Documentation
·Assist in identifying, assessing, and documenting information security risks across the organization.
·Help maintain the risk register and support the tracking of risk mitigation actions.
·Contribute to the development and upkeep of security policies, standards, and procedures.
·Maintain and update internal knowledge base articles, guides, and compliance documentation.
Security Operations & Monitoring
·Support the monitoring of security systems and assist in identifying potential threats or vulnerabilities.
·Assist in maintaining application security scanning as part of our SDLC pipelines.
·Help document findings from vulnerability assessments and track remediation with relevant teams.
·Support the management of external attack surfaces and help communicate findings internally.
Access Control & Incident Response
·Support the review and implementation of access control policies, including least privilege and role-based access.
·Assist in incident response activities and contribute to root cause analysis documentation.
·Help ensure timely documentation of security events and follow-up actions.
Qualifications
·Currently pursuing or recently completed a degree in Computer Science, Information Security, Cybersecurity, Law, or a related field.
·Basic understanding of compliance frameworks, information security concepts, and risk management principles.
·Strong communication, documentation, and problem-solving skills.
·Ability to work both independently and as part of a team.
·Attention to detail and strong organizational skills.
Technical knowledge in the field of Information Security & Compliance, ideally some knowledge of (not mandatory):
·Compliance frameworks: SOC 1/2, ISO 27001, GDPR, CIS Benchmarks
·GRC tools: experience with any Governance, Risk & Compliance platform is a plus
·Cloud security: Microsoft Azure, Microsoft 365
·Identity & Access Management: RBAC, least privilege, MFA
·Security tools: Vulnerability scanners, SIEM platforms, endpoint protection
·Scripting basics: PowerShell, Python, or similar
The pay range for this role is:15.40 - 18.50 EUR per hour(Lisbon Office)
PI319c5e831b4f-37437-40263341