Booking Holdings Romania - IT Risk & Compliance Intern

Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.

As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through five-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable.

Role description

The IT Risk & Compliance Intern is responsible for partnering with risk owners throughout the Tech business function and other business units to assist in designing and maintaining internal controls in line with our risk appetite and to maintain the quality of our processes. The role requires to work closely with stakeholders from multiple departments and to have a strong big picture focus, but be able to zoom in and out of the details to ensure full process understanding.

Responsibilities and skills required for the IT Risk & Compliance Intern role are tightly linked to the Capability Area they work for, in Risk Management (focus on risk identification, analysis and treatment), Risk Governance & Project Management (focus on policy governance), or Third Party Risk Management & Customer Trust (focus on 3rd party risk).

The IT Risk & Compliance Intern role requires basic stakeholder management skills, and to be comfortable with challenging risk owners to come up with robust, scalable solutions which mitigate key risks while enabling successful business operations.

This role provides a determined contract of 6 months, a working schedule of 4 hours/day and a hybrid way of working with an onsite presence of 2 days/week.

Key Job Responsibilities and Duties

•

Learn & Comprehend IT Controls: Develop a foundational understanding of IT control narratives within your assigned area to confidently discuss them with the team.

•

Assist with Control Monitoring: Help the team monitor control implementation and execution; learn to identify issues and document them for proper management escalation.

•

Support Documentation Accuracy: Coordinate with control owners to assist in tracking, organizing, and updating critical IT controls documentation.

•

SOX & PCI Compliance Support: Assist with administrative and tracking tasks related to IT SOX & PCI control design, reporting, and remediation follow-ups.

•

Audit Preparation Support: Provide hands-on support during internal and external audits (SOX and PCI assessments) by gathering documentation, scheduling walkthroughs, and tracking follow-up action items.

•

Shadow Control Assessments: Participate in and shadow control assessments to learn how organizations evaluate and provide assurance on control performance.

•

Learn Practical Control Design: Contribute to brainstorming sessions regarding sustainable, "right-sized" control designs, learning how to balance security with business efficiency without overengineering.

•

Execute Control Testing: Under the guidance of a team mentor, support the testing of internal controls according to predefined test plans and frequencies.

•

Framework Mapping: Assist the team in mapping internal controls to recognized industry frameworks and cybersecurity best practices.

•

Dashboarding & Reporting: Help maintain, update, and generate reports on control execution, coverage, and issues using industry-standard tools (e.g., Jira, Tableau, ServiceNow).

•

Adaptability & Growth: Maintain flexibility to support dynamic business needs while proactively building your knowledge of internal controls, enterprise systems, and the overall IT process landscape.

Role Qualifications and Requirements

•

0 - 1 years of relevant experience.

•

Good to have basic experience in business analysis, auditing, corporate governance, risk management or internal controls.

•

Good to have the ability to develop solid relationships with business partners in order to drive the adoption of the risk management culture.

•

Good to have basic technical understanding of internal control requirements and design and experience in applying them in various businesses.

•

Strong willed individual with a learner mindset and a team-player.

•

Enthusiastic, self-learner and thrives in changing environments

•

Good communicator, quick thinker & confident

Benefits & Perk s

•

Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide

•

Working in a fast-paced and performance driven culture

•

Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation

•

Competitive compensation and benefits package

•

Vast amounts of data to validate your ideas and the opportunity to experiment with real users

Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

Pre-Employment Screening

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.