Role
You will gain hands-on experience in cybersecurity by directly supporting the Technical Director and engineering teams in auditing, securing, and productizing our security services. This internship offers a unique blend of technical infrastructure auditing, application security assessment, and business-focused service design, culminating in the creation of a "Security-as-a-Service" model for Suitmedia.
Responsibilities
- Infrastructure Audit: Learn to conduct deep-dive reviews of internal access controls, cloud configurations, and CI/CD security hygiene.
- Vulnerability Assessment: Gain experience in assessing web applications against the OWASP Top 10, identifying risks in real-world client projects.
- Remediation Strategy: Collaborate with Tech Leads to translate technical security findings into actionable, business-conscious remediation plans that balance security with product performance.
- Product Development: Assist in designing standardized security benchmarks, checklists, and service modules that can be integrated into our client offerings.
- Commercial Strategy: Contribute to the development of "Security-as-a-Service" proposals, including defining pricing tiers and security-focused sales pitches.
- Strategic Reporting: Synthesize findings into a final business case, presenting findings and recommendations to the leadership team.
Qualifications
- Educational Background: Undergraduate student (3rd or 4th year) or fresh graduate in Computer Science, Cyber Security, Information Technology, or a related field.
- Professional Experience: No prior professional experience required, but experience with CTF (Capture The Flag) competitions, security research, or personal projects involving penetration testing/infrastructure security is highly preferred.
- Technical/Hard Skills: Foundational knowledge of network security, cloud architecture (AWS/GCP/Azure), and web application vulnerabilities (OWASP Top 10). Familiarity with security scanning tools and basic scripting (e.g., Python, Bash) for task automation. Understanding of secure coding principles and CI/CD pipelines.
- Soft Skills: High level of integrity and confidentiality. Exceptional analytical mindset—the ability to look at a system and identify both weaknesses and business impacts. Excellent communicator, capable of explaining technical security debt to non-technical stakeholders.
- Bonus Points: Certifications (e.g., CompTIA Security+, OSCP, or equivalent) or active bug bounty participation.