Job Description

The CoinDCX Journey: Building Tomorrow, Today
At CoinDCX, we believe 'CHANGE STARTS TOGETHER'. You are the driving force that will help us make Web3 accessible to all.
In the last six years, we have skyrocketed from being India's first crypto unicorn to carrying a community of over 125 million with us. To continue maximising the adoption and acceleration of Web3, we are now focused on developing cutting-edge products, addressing accessibility and security challenges, and bridging the gap between people and Web3 technologies.
While we go ahead and keep dominating the Web3 world, we would like to HODL you on our team! Join our team of passionate innovators who are breaking barriers and building the future of Web3. Together, we will make the complex simple, the inaccessible accessible, and the impossible possible. Boost your innovation to an ALL TIME HIGH with us!
Inside CoinDCX's Information Security Team
Our Information Security team protects CoinDCX's digital assets by ensuring the highest standards of security across all our operations. We're vigilant, proactive, and dedicated to safeguarding our systems and data. If you're an expert in information security with a passion for protecting digital finance, join us in securing the future of CoinDCX.
Be Part of the Next Moonshot:
This internship program offers a dynamic opportunity for college students interested in gaining hands-on experience in various facets of information security. Interns will be exposed to and involved in projects across multiple areas including Governance, Risk, and Compliance (GRC), Cyber Defense, Security Engineering, Security Awareness, Data Security, Privacy, and Security Testing.
You need to be a HODLer of these

• Currently pursuing a degree in computer science, prefer Information Security stream
• Strong interest and foundational knowledge of information security concepts and principles.
• Excellent analytical and problem-solving skills and effective communication and teamwork abilities.

You will be mining through these tasks
GRC (Governance, Risk, and Compliance):

• Assist in the development and update of policies, procedures, guidelines and other mandatory documentation aligned with ISO 27001 (Information Security Management), ISO 27701 (Privacy Information Management), Service Organization Controls 2 (SOC2), Crypto Currency Security Standard (CCSS) standards.
• Collaborate with internal staff for conducting compliance audits, and risk assessment activities.
• Tracking and ensuring accurate execution of security and privacy KPI and KRIs.
• Perform and support in various compliance activities towards sustenance of ISO 27001 and ISO 27701 certifications.
• Carrying out the annual vendor security due diligence
• Execute the annual security and privacy awareness trainings and ensure 100% compliance
• Develop and release threat-based and industry specific security education and awareness via comms & fliers
• Support the team in planning and executing of security & privacy events
• Assist the team in preparing the organization for SOC attestations
• Assist in implementing data security controls and protocols.
• Aid in privacy assessments and compliance with data protection regulations.
• Contribute to the automation and improve the effectiveness of GRC objectives such as implementation of GRC and privacy tools, automating GRC tasks, automated reporting of KPIs and KRIs, implementation of CISO dashboards, publishing the news letters etc.

Security Awareness:

• Support in developing and delivering security awareness programs and materials.
• Assist in organizing training sessions and campaigns for staff awareness.
• Design and execute simulation attacks such as phishing, social media attacks, etc.
• Develop engaging themes and content for security awareness campaigns.
• Conduct spot audits to assess employee adherence to security practices.
• Conduct training sessions and awareness campaigns for staff education.

Data Security and Privacy:

• Assist in implementing data security controls and protocols.
• Support data classification, encryption, and access management efforts.
• Aid in privacy assessments and compliance with data protection regulations.
• Perform user access reviews to ensure adherence to security policies.
• Support in data classification and data discovery processes.
• Assist in building automation tools for data security measures.
• Contribute to building and maintaining rules in Data Loss Prevention (DLP) systems.

Are you the one? Our missing block

• You are knowledge-hungry when it comes to VDA and Web3, always eager to dive deeper and stay ahead in this evolving space.
• The world of Web3 and VDA excites you, fueling your curiosity and driving you to explore new opportunities within this dynamic landscape.
• You act like an owner, constantly striving for excellence, impact, and tangible results in everything you do.
• You embrace a 'We over Me' mindset, growing individually while fostering the growth of those around you.
• Change is your catalyst, igniting your passion to build and innovate.
• You think outside the box, unbound by limitations or doubt, always pushing the boundaries of what's possible.