Governance, Risk & Compliance (GRC) Intern

Monachus helps early-stage startups build scalable systems for compliance, security, and operations. Without the chaos. We're a small, high-trust team based in Vancouver, BC, and our clients are spread across North America. We work closely with founders and technical teams who are moving fast and need security and compliance done right, not just done.

"Monachus" is Latin for monk, meaning diligent, dedicated, wise. If you care about doing high-quality work, being hands-on in the world of compliance, learning constantly, and having real ownership over outcomes, this is the kind of place where that actually happens.

We're hiring a GRC Intern to support client engagements across compliance audits and vendor assessments. This isn't a shadowing role - you'll do real work on real client files from day one, with mentorship from senior consultants who will help you build a foundation that most people spend years trying to find.

By the end of the internship, success looks like: you understand the audit cycle end-to-end, you're contributing to active audits and client-related projects without being hand-held on every step, and clients are comfortable working with you directly.

• Enrolled full or part-time at an eligible Canadian college or university

• Enrolled for at least the first 30 days of the internship

• Holds Canadian citizenship, Permanent Residency, or refugee status (International students are not eligible)

• Support compliance audit engagements, including evidence gathering, control testing, and gap identification

• Assist with vendor security questionnaires under consultant guidance

• Draft compliance policies, procedures, and supporting documentation

• Help maintain audit trackers, evidence repositories, and client workspaces

• Research regulatory and framework requirements and summarize findings for the team

• Participate in client calls and internal reviews to build communication and consulting skills

Experience & Background

• Studying business, information technology, computer science, or a related field

• Genuine interest in cybersecurity, compliance, or risk

• Detail-oriented and organized, comfortable managing multiple tasks without letting things slip

• Clear communicator, both in writing and in conversation

• Comfortable working in ambiguous situations and asking good questions when you need direction

• Familiar with (or eager to learn) frameworks like SOC 2 and ISO 27001 at a conceptual level

Bonus Points For

• Any exposure to GRC platforms (Drata, Vanta, or similar)

• Experience working with startup companies or carrying out technical research

• Prior internship or co-op in a compliance, audit, or security environment

You’ll Thrive Here If You

• Constantly look for ways to improve systems, workflows, and delivery quality

• Collaborate well and prioritize alignment over ego

• Can take direction, follow operating systems, and improve them instead of fighting them

• Move fast without sacrificing quality

• Take ownership and operate with high accountability

• Enjoy building scalable processes and improving how work gets done

• Are curious about new tools and technologies and actively experiment with AI to improve how work gets done

What You'll Gain

• Hands-on experience across real client audit engagements from day one

• Mentorship from senior compliance consultants working across multiple frameworks

• A working understanding of compliance frameworks and vendor security programs

• Client-facing experience and professional communication skills

• A portfolio of real work to speak to in future interviews

Send your resume, a short note about your interest in the role, and any relevant links (LinkedIn, portfolio, GitHub, etc.) to:

📧 work@monachus.co

Subject: Application - GRC Intern

Applications are reviewed on a rolling basis. We review every application. If you're a fit, someone from our team will reach out within 5 business days to introduce themselves and share next steps.