Security Engineer - Intern

Ema is seeking a motivated undergraduate or recent graduate for an Intern Security Engineer role. This position offers practical experience in web and API security, involvement in red teaming, and support for compliance and governance initiatives. Key responsibilities include manual web and API penetration testing, assisting with governance and compliance, supporting InfoSec operations like SAST and SCA, and monitoring security alerts for remediation.

Must Have

• Perform manual web application and API penetration testing to identify vulnerabilities
• Assist with red teaming activities
• Assist with governance and compliance operations, including audits and reporting
• Support SAST, SCA and other InfoSec Operations
• Monitor compliance requirements, triage security alerts, and support remediation
• Experience with reconnaissance and red teaming tools like Amass, Nmap, ffuf, Nuclei, BeEF
• Proficiency with Burp Suite or OWASP ZAP for manual testing
• Strong understanding of web and API security concepts, including OWASP Top 10
• Exposure to bug bounty programs and/or Capture The Flag (CTF) competitions
• Analytical mindset with problem-solving abilities
• Basic understanding of cloud platforms (e.g., GCP, Azure) and IAM concepts

Location

India - Bengaluru

Employment Type

Full time

Department

Engineering

**About the Role

**Ema is looking for a driven undergraduate or recent graduate with a strong passion for cybersecurity to join as an Intern Security Engineer. This role offers hands-on experience in web and API security, participation in red teaming activities, and support for compliance and governance initiatives.

Key Responsibilities

• Perform manual web application and API penetration testing to identify vulnerabilities and assist with red teaming activities.
• Assist with governance and compliance operations, including audits and reporting.
• Support SAST, SCA and other InfoSec Operations.
• Monitor compliance requirements, triage security alerts, and support remediation.

Required Skills

• Experience with reconnaissance and red teaming tools like Amass, Nmap, ffuf, Nuclei, BeEF, etc. and proficiency with Burp Suite or OWASP ZAP for manual testing.
• Strong understanding of web and API security concepts, including OWASP Top 10.
• Exposure to bug bounty programs and/or Capture The Flag (CTF) competitions.
• Analytical mindset with problem-solving abilities.
• Basic understanding of cloud platforms (e.g., GCP, Azure) and IAM concepts.