Intern, IT Security

Established in 2017, QCP is one of the first digital asset trading firms in Singapore, with a vision to partner the next generation of investors to unlock institutional opportunities in digital assets.

QCP brings to clients deep expertise gained from thriving through multiple market cycles. A global market maker in digital asset derivatives with a vast network of liquidity providers and counterparties, we are shaping the future of digital asset markets through greater access and efficiency.

We offer a range of tailored derivatives and spot trading as well as structured solutions to institutional, professional and accredited investors. We also provide 24/7 liquidity across various markets in partnership with various exchanges and platforms.

QCP is headquartered in Singapore and is supported by a strong team of professionals in trading, business development, operations, risk and compliance teams.

Our in-house publications track the constantly evolving state of digital assets and markets, and can be accessed on our Telegram (t.me/QCPbroadcast), website (qcpgroup.com), Twitter (@qcpgroup) and LinkedIn.

Responsibilities

We are seeking a highly motivated IT Security Intern to join our Security Operations and Engineering team. The ideal candidate is passionate about security operations, has a foundational understanding of enterprise-grade tools and platforms, and is eager to develop hands-on experience in documentation, policy design, and red teaming methodologies. This internship is an excellent opportunity to gain deep exposure to corporate security environments, particularly within Microsoft Azure and hybrid infrastructures.

• Develop and maintain detailed SOP documentation for SIEM use cases and incident response workflows.
• Ensure clarity and completeness in procedures covering log analysis, offense triage, rule tuning, and escalation processes.
• Collaborate with security team to refine and update playbooks based on evolving threat landscapes and internal feedback.
• Assist in test, configuration and documentation of Microsoft Entra ID (formerly Azure AD), including Conditional Access Policies and Identity Protection.
• Participate in patch management develop the method of procedure including implementation plan, test Plan, and rollback plan for patching cycles, and verifying remediation success.
• Gain familiarity with compliance alignment through secure configuration baselines and vulnerability resolution tracking.
• Manage project priorities, deadlines, and deliverables, alongside ad-hoc duties.

• Positive attitude, willingness to learn, and proactive in problem identification and solution.
• Currently pursuing or recently completed a degree in Cybersecurity, Information Technology, or a related field.
• Familiarity with SIEM Platforms, Microsoft Azure, Microsoft Active Directory, Group Policies Objects, Patch management Principles, and security tools (e.g., Nmap, Burp Suite, Metasploit).
• Strong written communication skills with an eye for detail in documentation.
• Ability to research and learn on the job on technical topics quickly.
• Certifications or coursework in Security+ / Azure Fundamentals / Offensive Security (OSCP, CRTP, etc.) would be good.
• Exposure to scripting or automation tools (e.g., PowerShell, Python) for security automation.
• Awareness of MITRE ATT&CK framework or cyber kill chain methodologies.

The Environment We Offer

As a growing firm with a tightly-knit team, we respect and listen to all our employees. You will get the chance to make an impact by having your voice heard by everyone, including the management.

Our employees enjoy a high level of autonomy at work. We focus on substance, not form - as long as you can perform, you will be recognized and rewarded. We are also dedicated to supporting our staff and ensuring they develop holistically to maximize their potential in the long- term.

We also provide flexible working arrangement as required and a casual and fun environment to boot!