About PureFacts
PureFacts is a global leader in revenue management, client reporting, and data-driven solutions for the wealth and asset management industry. Our mission is to empower financial services firms with smarter technology that increases revenue, reduces risk, and improves client transparency.
We’re a purpose-driven organization committed to making a difference—both in financial services and in the communities we serve. At PureFacts, innovation, integrity, and impact are at the heart of everything we do.
About the role
Information Security & Compliance Internship
The Information Security and Compliance team at PureFacts plays a critical role in ensuring that our organization meets the highest standards of regulatory compliance and information security across a fast-growing, global WealthTech organization. We are seeking an enthusiastic and proactive Information Security & Compliance Intern to join our team onsite in our Lisbon office. This role provides a fantastic opportunity to gain hands-on experience in compliance frameworks, audit support, risk management, and security operations.
Your responsibilities might include activities such as:
· Assist with the execution of annual SOC 1 and SOC 2 audits, including evidence collection, control testing, and remediation tracking.
· Support compliance initiatives aligned with ISO 27001, CIS Benchmarks, GDPR, and other regulatory requirements.
· Help maintain and update documentation for security policies, procedures, and compliance reports.
· Assist in tracking remediation efforts and ensuring timely closure of compliance findings.
· Contribute to the preparation of compliance reports and dashboards for internal stakeholders.
· Support the review and continuous improvement of internal controls and governance processes.
· Assist in identifying, assessing, and documenting information security risks across the organization.
· Help maintain the risk register and support the tracking of risk mitigation actions.
· Contribute to the development and upkeep of security policies, standards, and procedures.
· Maintain and update internal knowledge base articles, guides, and compliance documentation.
· Support the monitoring of security systems and assist in identifying potential threats or vulnerabilities.
· Assist in maintaining application security scanning as part of our SDLC pipelines.
· Help document findings from vulnerability assessments and track remediation with relevant teams.
· Support the management of external attack surfaces and help communicate findings internally.
· Support the review and implementation of access control policies, including least privilege and role-based access.
· Assist in incident response activities and contribute to root cause analysis documentation.
· Help ensure timely documentation of security events and follow-up actions.
Qualifications
· Currently pursuing or recently completed a degree in Computer Science, Information Security, Cybersecurity, Law, or a related field.
· Basic understanding of compliance frameworks, information security concepts, and risk management principles.
· Strong communication, documentation, and problem-solving skills.
· Ability to work both independently and as part of a team.
· Attention to detail and strong organizational skills.
Technical knowledge in the field of Information Security & Compliance, ideally some knowledge of (not mandatory):
· Compliance frameworks: SOC 1/2, ISO 27001, GDPR, CIS Benchmarks
· GRC tools: experience with any Governance, Risk & Compliance platform is a plus
· Cloud security: Microsoft Azure, Microsoft 365
· Identity & Access Management: RBAC, least privilege, MFA
· Security tools: Vulnerability scanners, SIEM platforms, endpoint protection
· Scripting basics: PowerShell, Python, or similar
Die Gehaltsspanne für diese Rolle ist:
15.40 - 18.50 EUR pro hour (Lisbon Office)
Technology
Lisbon, Portugal
Portugal
Teilen auf: