About Grab and Our Workplace

Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.

Get to Know the Team

The Cyber Risk & Control team is part of Grab's Cyber Security - Cyber Assurance function. We keep Grab's operations secure and compliant across Southeast Asian markets where regulatory requirements vary by country and continue to develop. Our work covers cyber policy, risk, and compliance - we balance regulatory obligations with operational realities so Grab can move fast without compromising on security or stability. The scope ranges from quick risk reviews to multi-quarter, organisation-wide compliance programmes.

We are a fast-paced team and expect people to be self-starters - to take ownership of their work, hold themselves accountable, and drive things forward without needing to be prompted. We make decisions collaboratively and work toward consensus, but we ask tough questions when something needs to be challenged. We are building automation and AI tooling to modernise how risk management works at Grab's scale.

Get to Know the Role

This internship is in the Cyber Risk & Control team, reporting to the Senior Manager, Risk and Control. You will also work regularly with the Security Automation team and get direct visibility into how both teams operate and where they intersect. The work is hands-on from day one - you will build AI agents and automation workflows to cut manual effort out of risk and compliance processes, contribute to internal tooling, and build dashboards that surface risk insights.

You will be onsite at our Petaling Jaya office five days a week.

The Critical Tasks You Will Perform

• You will design and build AI agents to automate GRC workflows - control assessments, evidence collection, risk narrative generation - using approved AI platforms.
• You will write Python scripts and API integrations to connect GRC platforms, ticketing systems, and internal data sources, cutting out the manual handoffs that slow the team down.
• You will build dashboards that pull from security and compliance data sources, so partners at any level can read the risk picture without needing a walkthrough.
• You will contribute to internal GRC tooling - risk registers, control libraries, compliance tracking workflows - and keep them usable as the team's needs change.
• You will document what you build and walk the team through it. Nothing you deliver should become a black box once you leave.

What Essential Skills You Will Need

• Candidates who are available to start in August 2026, with 3 to 6 months of commitment
• Your studies as an Undergraduate in Software Engineering, Computer Science or a related discipline.
• Have working proficiency in Python, with coursework or personal projects that show you can write clean, maintainable, and testable code.
• Have a working understanding of APIs and REST-based integrations - enough to connect systems and debug when things break.
• Have coursework or project experience in at least one of: AI/ML, cybersecurity, data engineering, or risk and compliance.
• Comfortable writing technical documentation that others can follow - the systems you build need to be maintainable after your internship ends.

Life at Grab

We care about your well-being at Grab, here are some of the benefits we offer our Interns:

• Attractive Monthly Allowance!
• EPF (Employees Provident Fund) or SOCSO (Social Security Organization) where applicable.
• Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours

What We Stand For At Grab

We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.