Cybersecurity Researcher - Internship

Internship
Paris
Salary: Not specified
Unknown
Apply

GitGuardian
GitGuardian

Interested in this job?

Apply
Questions and answers about the job

The position

Job description

About GitGuardian

GitGuardian is a global post-Series B cybersecurity scale-up. The company is based in Paris, with 140 team members between France and the USA.

Among our early investors who saw our market value proposition, are the co-founder of GitHub, Scott Chacon, along with Solomon Hykes, Docker's co-founder. American and European top-tier VC firms have also invested in GitGuardian.

GitGuardian leads the way in Non-Human Identity security, offering end-to-end solutions from secrets detection in code, productivity tools and environments to strong remediation, observability and proactive prevention of leaks. 

Our solutions are already used by more than 600K developers worldwide!

About your team and your mission

    You will join a new team called “Security Research”. This very central team has various missions but aims at pushing the boundaries of innovation in the secret detection and analysis field.

    We are looking for an inquisitive and motivated intern. If you join our team, you will have the opportunity to pioneer work around secret leak analysis. Your main mission will be to imagine and implement new techniques for secret attribution. This could include: 

    • Analysing secrets from various service providers
    • Correlate leaked secret information
    • Develop OSINT tools and techniques

        Secret attribution is a cornerstone of GitGuardian products that allows raising relevant alerts to companies. A better attribution strategy increases the number of leaked secrets companies can find. For this reason, your work will have a direct impact by making our product even better!

        You will also take part in the team’s daily activities including:

        • Triaging secrets
        • Assessing secret leak incidents
        • Developing detection capabilities
        • Writing technical content for our corporate blog

            About you

            If you think you match at least 70% of these criteria, please apply!

            Here's what we consider essential for success in this role:

            • You are familiar with Python and the Unix command line environment
            • You understand how cyberattacks work & understand the importance of defense in depth
            • You have a basic knowledge of cloud technologies
            • You have basic knowledge of git & docker
            • You speak French and English fluently and you can write technical documentation in English.

            The interview process

            0. Solve the assignment

            It should not take too much time to complete, but the solutions will help validate your skills and drive the discussion during the interviews. The assignment is also designed to ensure that you enjoy the theme as well as the technical aspects of the internship.

            Your assignment is to send the source code of a tool when you apply to this internship. This tool should:

            • take a GitHub API token as input
            • check if it is valid or not
            • identify the corresponding developer and other relevant information
            • retrieve the scope of the token

            The output should be easily parsable by a machine. 

            Bonus: develop a similar tool for GitLab API tokens.

            1. Screening call with a team member (15min)

            To discover your professional project and evaluate if there could be a mutual match.

            2. Interview with your future manager

            To know more about yourself and your achievements, present to you the team, to evaluate your skills for the position and project yourself into the role.

            3. Interview with a Senior Manager (optional)

            To detail our company’s vision and ambitions for the next couple of years.

            Benefits

            • 🍜 Lunch voucher (Swile)
            • 🎡 Team building: monthly activities for the whole company + dedicated budget that you can spend as you want with teammates! (last examples: karaoke, karting, restaurant, ...)
            • 🤝 Referral bonus of 4000€ for any new Guardian we might hire thanks to you

            And also...

            • 🏡 Hybrid remote policy: at least 3 days/week at the office
            • 👫 Trust & autonomy on your scope with a very transparent internal communication and a strong impact on the company development
            • 👊 Working on a meaningful product; we already helped more than 600k developers across the globe
            • 🚀 Potential opportunities for career development in the long term
            • Learn more about our culture in our Starter Guide.

            More about GitGuardian!

            Products

            • Check out the State of Secrets Sprawl Report to understand our mission and the industry.
            • Learn how GitGuardian works in this video!
            • Our solutions are already used by hundreds of thousands of developers in all industries and GitGuardian platform is the n°1 security app on the GitHub marketplace 🔥

            Clients

            • GitGuardian helps organizations find exposed sensitive information that could often lead to tens of millions of dollars in potential damage.
            • More than 70% of our customers are in the United States.
            • Many F500 companies use GitGuardian's platform.

            People

            • The Guardians are knowledgeable, committed, serious, aligned with the company’s mission, and true team players: always willing to help each other grow our skill sets!
            • The team is diverse and we hail from more than 20 different countries.
            • Read former interns' testimonies!
            • We are also agile, remote-friendly, and fun people to work with.
            • 🐕 Pet-friendly offices, some Guardians gets to bring their dogs from time to time.


            At GitGuardian, we are committed to building a diverse, equitable and inclusive workforce.

            We will ask for your gender identity on the application page to help us understand the diversity of our applicant pool and to track our progress in attracting and hiring a diverse workforce. The information is optional and will not be disclosed to the hiring manager or the interview team and will not be considered in the hiring process. We appreciate your willingness to share this with us so that we can continue to improve our diversity, equity and inclusion efforts.

            Want to know more?

            Apply