Must be enrolled in an accredited university, pursuing an undergraduate degree in Information Security or a related field, with an expected graduation by Spring 2026.
Knowledge of penetration testing or related security practices.
Basic understanding of software development, with the ability to read code to identify security issues (software engineering experience is not required).
Strong communication and collaboration skills, with the ability to work effectively with engineering teams.
Responsibilities:
Collaborate with engineers, consultants, and leadership to identify security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
Validate security controls to ensure compliance with industry best practices.
Perform manual security testing on products and services to proactively identify vulnerabilities and work with developers to resolve them.
Manage vulnerabilities identified by SAST, SCA, and DAST tools, guiding the development teams from triage to remediation.
Investigate and triage vulnerabilities reported through the Responsible Disclosure program.
Work closely with development teams, providing guidance and support for the remediation of security issues across applications, services, and other areas.
Recommend and communicate remediation guidelines for vulnerabilities to developers and other technical teams.