Information Security Intern

This year marks 10 years since we launched the idea that it is possible to simplify our customers lives by offering an innovative solution that allows them to easily subscribe to manage and switch all types of contracts via a unique and intuitive platform.

In the meantime we have supported more than 2 millions customers in France Spain and Italy while investing in new verticals positioning ourselves as a highly efficient innovative and competitive scale-up in a rapidly growing market.

With over 900 employees spread across 3 locations we are consolidating our position as a market leader in Europe. We are always on the lookout for talent ready to join a dedicated and motivated team driven by a meaningful project. Working with us means embracing a culture of excellence innovation and real impact.

Your mission :

You will be the guardian of the framework. You will help turn our security activities into a structured audit-ready program focusing heavily on Governance Risk and Compliance (GRC).

Key Responsibilities

1. Compliance & Audit Readiness (NIS2 & PCI-DSS)

• Assist in the NIS2 compliance project by helping map our current measures against essential entity obligations.

• Support PCI-DSS oversight by collecting evidence (screenshots logs configs) and organizing them for external auditors.

• Help manage our continuous compliance platforms (e.g. assisting with Vanta-driven workflows) to ensure we are always audit-ready.

2. Policy Framework & Documentation

• Act as the librarian for our security knowledge. You will help centralize format and update our Security Policy Framework to ensure it is accessible to all employees.

• Work on Internal audit preparation by ensuring all procedures (from onboarding to incident response) are written down and up to date.

• Assist in documenting security KPIs and preparing reports for leadership.

3. Vendor & Third-Party Risk Management

• Take ownership of the Vendor security due diligence process. You will send out security questionnaires to new tools/partners and review their answers.

• Maintain our register of third-party risk assessments and ensure contractual security clauses are tracked.

4. Operational Support

• Assist the Senior Engineer in tracking vulnerability remediation by following up with developers to ensure tickets are closed on time.

• Help organize security awareness campaigns (phishing simulations training sessions) to boost our internal culture.

Your profile :

Student in Business (IT Management) Computer Science or Cybersecurity with a focus on GRC.

• Detail-Oriented: You love checklists organized folders and clear documentation.

• Strong Writing Skills: You can explain complex rules in simple clear English.

• Interest in Regulations: You are curious about GDPR NIS2 and PCI-DSS and want to learn how they apply to a real tech scale-up.

Tech-Savvy: You dont need to be a coder but you are comfortable with tech tools (Jira Notion Excel) and understand the basics of how a SaaS company works.

What we offer :

Evolve in an international and inclusive environment: everyone has a place at papernest and with more than 46 different nationalities its not uncommon here to start a sentence in English and finish it en français o en español

Compensation & partnerships: your talent deserves to be rewarded! Enjoy a competitive compensation for your internship. We value every contribution and are committed to offering attractive remuneration for your efforts and dedication. Also with your papernest badge you will have access to various partner services (restaurants wellness centers mobility...).

Meals: a healthy and balanced breakfast is offered every Tuesday!

Career Development: at our company interns are not just photocopy-coffee assistants! As a full-fledged team member youre here to learn but also to share your ideas and implement projects. Youll be supported throughout your journey to maximize your skills and prepare for your future.

Remote Work: enjoy 1 day of remote work per week to optimize your focus and efficiency.

Interested in this challenge

Then dont hesitate any longer; we look forward to meeting you! Regardless of your age gender background religion sexual orientation or disability you have a place with us. Our selection processes are designed to be inclusive and our work environment is adapted for everyone.

We particularly encourage applications from women. Even if you feel that you do not meet all the criteria outlined in this job posting know that every application is valuable. We firmly believe that diverse and varied backgrounds enrich our team. We will carefully consider your application as parity and diversity are essential assets for our success.