Cyber Security Intern

About The Position

Requirements

• Currently enrolled in a Cybersecurity, Computer Science, or Information Security degree.
• Foundational understanding of cybersecurity concepts including encryption, authentication, cloud identity, and common attack vectors.
• Basic familiarity with APIs, mobile apps, or cloud platforms (even conceptual).
• Exposure to Linux, command‑line tools, and scripting (e.g., Python, Bash).
• Strong curiosity about penetration testing across hardware, cloud, web, and mobile environments.
• Good communication skills and willingness to collaborate with a multidisciplinary engineering team.
• Introductory knowledge of: API security or OWASP API Top 10 Cloud security fundamentals (Azure, AWS, GCP) Mobile platform security models (iOS Keychain, Android Keystore, permissions systems)

Nice To Haves

• Familiarity with penetration testing tools such as Burp Suite, OWASP ZAP, Postman, Nmap, Ghidra, or mobile security toolkits.
• Understanding of embedded systems or firmware architectures.
• Awareness of cryptographic modules (Secure Elements, TPMs, HSMs).
• Experience writing simple automation scripts.

Responsibilities

• Assisting with penetration testing on hardware, firmware, cloud services, mobile apps, and web portal front‑ends.
• Supporting the execution of API security testing, including authentication/authorization validation and fuzzing.
• Helping evaluate mobile application security using static and dynamic analysis tools for both iOS and Android platforms.
• Participating in cloud security assessments, reviewing IAM configurations, API gateways, secrets management, and data‑flow protections.
• Documenting findings, reproduction steps, and remediation recommendations clearly and accurately.
• Collaborating in threat‑modeling sessions that span device, cloud, and mobile ecosystems.
• Contributing to hands‑on testing of embedded systems, custom firmware, cloud microservices, and mobile applications.
• Assisting in performing API endpoint discovery, input validation testing, and token‑based auth analysis (OAuth2, JWT, etc.).
• Supporting web portal assessments including session‑management testing, OWASP Top 10 analysis, and role‑based access control reviews.
• Participating in mobile application reverse‑engineering, local data‑storage evaluation, and API‑interaction security testing.
• Executing lab testing using hardware security tools as well as cloud‑security and mobile‑security toolchains.
• Maintaining vulnerability logs, mitigation tracking, and regression‑testing documentation across all platform types.
• Assisting in ensuring HID’s Secure Development Lifecycle (SDL) is followed for cloud, web, mobile, and device components.

Benefits

• Competitive salary and rewards package
• Competitive benefits and annual leave offering, allowing for work-life balance
• A vibrant, welcoming & inclusive culture
• Extensive career development opportunities and resources to maximize your potential
• To be a part of a global organization that is pioneering the hardware, software and services that allow people to confidently navigate the physical and digital worlds