Linode’s Security Engineer Intern is responsible for working on the analysis and implementation of tools and leveraging a mix of open source solutions as well as commercial off the shelf software to strengthen the security posture at Linode. The individual who is in this role is expected to do a comparative study on the feasibility of different reactive and proactive tools for security analytics, intrusion detection and prevention, and vulnerability detection through static, dynamic, and dependency analysis. There will be an emphasis on the concise documentation of feasibility and efficacy before initiating the implementation of potential solutions.
-Build proof of concept or proof of value security control prototypes within the scope provided by Lindoe CISO.
-Participate in security projects including but not limited to: asset inventory & classification, Identity & Access Management, SOC, vulnerability management, configuration hardening/attack surface reduction.
-Triage vulnerabilities submitted by security researchers through Hackerone and other threat/vulnerability sources.
-Analyze & monitor external threats and develop mitigation solutions to protect Linode’s services.
-Conduct advanced security research and development as requested.
-Implement, maintain, and improve the accuracy of existing automation tools (SAST/DAST, DevOps, configuration hardening, etc.) to help reduce false positives.
-Research & propose avenues to add security solutions from code editors (where code writing starts) through production (where code finally rests) – CI/CD pipeline through scripts.
-Identify hardware-related vulnerabilities and develop solutions to mitigate them.
-Help in the gap analysis if compliance-related audits emerge within the tenure.
-Instill a secure-by-design culture throughout the entire company by educating security best practices using effective principle-based persuasion techniques.
The ideal intern will understand the current process and security posture at Linode and help Linode’s agile culture to a Secure agile culture to mitigate future threats through optimized security controls, procedures, and automation.
-Obtained or working towards a degree closely related to this position (Computer Science, CyberSecurity, etc)
-Understanding of Linux, virtualization, and networking concepts
-Computer Science fundamentals like complexity analysis, computational logic, and standard sort/search algorithms.
-Strong communication skills to work with both collaborative cross-functional team of peers and departments within the company (product development, operations, networking, etc.)