Requisition ID: 2xxxx6
Work Area: Software-Development Operations
Expected Travel: 0 - 10%
Career Status: Student
Employment Type: Limited Full Time
(COMPANY NAME) started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That's why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
(COMPANY NAME) values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it's the best-run businesses that make the world run better and improve people's lives.
PURPOSE AND OBJECTIVES
Cyber-attacks can disrupt and cause considerable financial and reputational damage to even the most resilient organizations. If an organization suffers a cyber-attack, it stands to lose assets, reputation and business, and potentially face regulatory fines and litigation. Most cyber-attacks are automated, indiscriminate and evolve at an alarming rate.
Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from damage or unauthorized access from cyber-attacks. Ensuring cybersecurity requires coordinated efforts throughout the development lifecycle of products. An important element in this lifecycle is Security Testing. Security Testing reveals flaws in the security mechanisms of products during development and helps prevent attacks such as SQL injection, XSS, DoS.
Within (COMPANY NAME) Global Security (SGS), the Security Testing team enables (COMPANY NAME) development teams to build secure software by providing a service for automated source code scans complemented by other test methods, such as dynamic checks, fuzzing, and penetration testing. This automated security analysis of potentially large software products allows to detect and eliminate security flaws at an early stage in the development cycle before the products are shipped to (COMPANY NAME) customers. The team also provides central education and consulting to develop security awareness in (COMPANY NAME) and help development teams make effective use of these tools. Finally, the team carries out research projects in white spot areas and develop its own security testing tools for specific configurations that are not well supported by standard static analysis tools (SAST) or dynamic analysis tools (DAST).
Our strengths rely on an international and multicultural team. The team is made up of highly skilled and passionate individuals who together bring many years of experience from various areas of application security. We are looking for a passionate and collaborative intern with a hands-on mindset.
The internship will take place in the context of the security testing training delivered in (COMPANY NAME) worldwide. With this internal training, each trainee learns: what testing tools to use, how to use the tools and when to test.
The scope of this training is to present an overview of the security testing strategy describing the security testing tools (Fortify, Checkmarx, WebInspect, Zap) and giving to any (COMPANY NAME) developer some best practices and recommendations to follow. The training comes into two flavors: an online training where the trainees can learn by themselves and a classroom training where two trainers deliver the training onsite. The classroom training runs over two days and is made of security theory and hands-on exercises. Each participant of the training can connect to a virtual machine with all the testing tools already installed and pre-configured. For each training, we set up this technical infrastructure for the participants.
The successful candidate will perform the following tasks:
* Automation, deployment and monitoring of the Security Testing servers for online trainings.
* Development of a new module to create on-demand pre-configured virtual machines for online Security Testing trainings.
* Contribution to training material for classroom and online Security Testing trainings (e.g. creation of new security challenges and exercises).
* Technical coordination of the infrastructure of classroom Security Testing trainings.
The intern will have the opportunity:
* To discuss with security experts and she/he will gain expertise in the area of static and dynamic security analysis.
* To be fully part of a Security Team in (COMPANY NAME) and improve her/his knowledge in Security which is particularly important in a big company.
* To work mainly on devops tasks, however she/he should be flexible in order to tackle diverse type of tasks (like support, testing, design and communication about the Security Testing training).
In addition to a strong scientific and technical background, the position requires strong problem-solving capabilities with the ability to communicate effectively. The ideal candidate will have/be:
* Good technical/development skills
* Knowledge in Docker and Nagios
* Willingness and proven ability to quickly acquire development proficiency in new technologies
* Fluent in English (working language)
* Good oral and written communication skills
* Knowledge of (COMPANY NAME) environment is a plus (e.g. Monsoon)
* Knowledge in Security is a plus.
WHAT YOU GET FROM US
Success is what you make it. At (COMPANY NAME), we help you make it your own. A career at (COMPANY NAME) can open many doors for you. If you're searching for a company that's dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment - apply now.
(COMPANY NAME)'S DIVERSITY COMMITMENT
To harness the power of innovation, (COMPANY NAME) invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
(COMPANY NAME) is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Cxxxxxx.firstname.lastname@example.org or Cxxxxxx.email@example.com, APJ: Cxxxxxx.firstname.lastname@example.org, EMEA: Cxxxxxx@xxx.xxm).
Successful candidates might be required to undergo a background verification with an external vendor.
Job Segment: Curriculum, ERP, Law, Consulting, Education, Security, Technology, Legal