Internship - Security & Compliance

IMPORTANT: WE CANNOT PROVIDE VISA SPONSORSHIP

Details

Preferred starting date: ASAP

Weekly availability: full-time (5 days/week)

Location(s):

• Delft, The Netherlands
• Fully remote, with occasional travel to Delft
• Fully remote, with access to a (future) Munich office and occasional travel to Delft

About the company

Fiducial is a young but fast-growing deep-tech start-up with big ambitions at the frontier of autonomy, perception, and defence. We develop and deploy software for on-board UAV 3D vision in military applications. Our software solutions are built for scalability first, using low-cost and widely available sensors and compute.

Why work with us

We develop our software in the field and close to the points of use. Flight testing is key for what we do and we test all across Europe. Our team members have strong academic background in different fields such as Aerospace Engineering, Computational Science and Engineering, Robotics and Computer Graphics. Our main office is located in the TU Delft campus in the faculty of Aerospace Engineering.

We work closely with top-tier partners, ranging from drone manufacturers to research institutes. Our projects span from orders in collaboration with operational partners to low-TRL research with government agencies. Whether through formal R&D programs or rapid prototyping tracks, we operate at the intersection of innovation and deployment.

Your role

As a Security & Compliance Intern, you will help build and structure Fiducial's internal compliance and security framework. This is a governance and administrative role, not a technical engineering role. Your value lies in your ability to understand frameworks, translate requirements into policies, and help execute compliance processes in a structured and disciplined way.

Your work will include:

• Supporting the setup of our information security management framework based on ISO 27001 principles — drafting policies, control structures, and documentation
• Assisting with the implementation of ABDO/ABRO security requirements applicable to our defence-oriented environment
• Structuring and maintaining internal documentation: asset registers, risk registers, data classification schemes, and access control policies
• Translating security and compliance requirements into clear, practical guidelines for our team
• Supporting export control activities: conducting due diligence on potential customers, assisting with export license applications, and maintaining related administrative records
• Identifying gaps between current practices and required standards, and proposing structured improvements

You will work closely with leadership and interact with engineering teams - not to build systems, but to understand them well enough to document, classify, and assess them from a compliance perspective.

The Environment

You will operate in a security-sensitive, regulated environment inspired by defence sector practices. Our approach is:

• Structured around ISO 27001 principles
• Informed by ABDO/ABRO defence security requirements
• Shaped by evolving EU regulatory requirements including NIS2 and dual-use export control regulations

This means working in an environment where access to information is strictly controlled, documentation matters, and process discipline is expected.

What We're Looking For

You do not need to be a developer or cybersecurity engineer. You do need to be someone who can think in systems, work rigorously with documentation, and engage seriously with regulatory frameworks.

We are looking for someone:

• Currently studying Law, Public Administration, Security Studies, Business Administration, or a related field - or a technical study with a strong interest in governance and compliance over engineering
• With a genuine interest in compliance frameworks, risk management, and policy work
• Who can understand concepts like data classification, access control, or asset management at a conceptual level - you don't need to configure systems, but you need to understand why these controls exist
• Who is structured, precise, and comfortable working independently with complex documentation
• With strong written communication skills in English (Dutch is a plus)
• Proactive and disciplined — you take ownership of your tasks and follow through

Strong plus:

• Familiarity with ISO 27001, ISO 37001, or similar management system standards
• Exposure to export control regulations (EU Dual-Use Regulation, ITAR awareness)
• Interest in the defence sector, regulated industries, or national security topics
• Experience drafting or reviewing policy documents

What We Offer

• Internship compensation in line with Dutch market standards (HBO/WO level)
• 10 vacation days during the internship period
• Hybrid working arrangement with flexible hours — onsite presence required on a regular basis
• Direct exposure to a high-growth defence tech environment
• Real responsibility: the frameworks and policies you build will be used in practice
• A steep learning curve in one of the most regulated and strategically relevant sectors in Europe

The application procedure

• If after reading the above you are convinced you are the right person for the job, send us some information about yourself: a CV, a LinkedIn profile, a short motivation letter, or a combination, as long as we get a clear impression of your background and skills. We’ll get back to you as soon as possible.
• If we see a potential fit, you’ll first receive a short follow-up questionnaire. Based on your answers, we’ll invite you for an interview based on a compliance scenario.
• If at this point we feel you are the person we are looking for, we’ll discuss the specifics.