This article covers responsibilities such as assisting in identifying and patching security vulnerabilities across app, backend, and cloud infrastructure; supporting implementation of secure authentication, data encryption, and access control mechanisms; monitoring logs and alerts with basic SIEM tools; contributing to documentation and compliance workflows; and researching open-source tools for endpoint protection, secure APIs, and threat modeling for students and recent graduates.
What You’ll Work On
As part of the security team you will take on practical tasks that strengthen applications, backend systems, and cloud infrastructure. Key areas of responsibility include:
- Vulnerability identification and patching — Assist in identifying and patching security vulnerabilities across app, backend, and cloud infrastructure, supporting remediation efforts and follow-up verification.
- Secure authentication and access control — Support implementation of secure authentication, data encryption, and access control mechanisms to protect user data and system integrity.
- Monitoring and detection — Help monitor logs, alerts, and potential threats using basic SIEM tools, contributing to early detection and escalation of security incidents.
- Documentation and compliance support — Contribute to internal security documentation, audit preparation, and compliance workflows (RBI, ISO, etc.), assisting with evidence collection and process alignment.
- Research and testing — Research and test open-source tools for endpoint protection, secure APIs, and threat modeling to evaluate practical protections and integration options.
What We’re Looking For
The role is geared toward learners and early-career professionals who can apply core security knowledge to real tasks. Desired background and skills include:
- Education — Student or recent graduate in cybersecurity, computer science, or related field.
- Core security understanding — Basic understanding of OWASP Top 10, secure coding practices, and network security to support vulnerability assessments and secure implementations.
- Tool familiarity — Familiarity with tools like Burp Suite, Wireshark, Nmap, or similar to assist in testing, analysis, and monitoring activities.
- Domain interest — Interest in fintech, data privacy, and regulatory compliance to align work with sector-specific risks and requirements.
- Bonus skills — Experience with cloud platforms (AWS/GCP), Linux, or scripting (Python, Bash) is a plus for automation and cloud-related tasks.
This role combines hands-on security tasks with compliance and research responsibilities, offering a focused opportunity for students and recent graduates to apply OWASP, secure coding, and tool-based skills in real environments.
