Cybersecurity Intern

Job Description

Company: Fenrir Security Private Limited

Location: IN

Location: Remote (India) Stipend: ₹15,000/month 3-month internship → Full-time offer About the Role Work directly with our founding team to build APS (Autonomous Pentesting Solution), an AI-native platform redefining how security testing is done at scale. This isn’t a training role. We want practitioners who’ve found real bugs in real systems and can help us teach AI to do the same. What You’ll Work On Web application pentesting (primary focus) — deep, manual testing of complex web apps; business logic flaws, auth bypasses, injection chains, multi-step exploitation API security testing — REST/GraphQL/gRPC; broken object-level auth, mass assignment, JWT attacks, API enumeration Mobile app pentesting — Android/iOS; reverse engineering, intercepting encrypted traffic, insecure storage, deeplink abuse Bug bounty-style research — hunting for novel attack paths, chaining low-severity issues into critical findings APS development — contribute attack patterns, validate AI-generated findings, and stress-test automation workflows Vulnerability documentation — detailed technical writeups with reproduction steps, impact analysis, and remediation guidance PoC development — building working exploits and test cases for identified vulnerabilities Who We’re Looking For Must-haves: Proven web application pentesting experience — OWASP Top 10 is the floor, not the ceiling Active bug bounty hunter with at least one public acknowledgment (Hall of Fame, CVE credit, or paid bounty on HackerOne/Bugcrowd/Intigriti) Solid understanding of API security — able to manually test and exploit API vulnerabilities beyond what scanners find Hands-on with Burp Suite (including extensions), and comfortable scripting in Python for custom tooling Able to write clear, professional vulnerability reports that a developer can act on Strong differentiators: Published CVEs or responsible disclosure credits Hall of Fame listings from recognized programs Experience with mobile app testing (Android preferred — APK reversing, Frida, traffic interception) CTF experience (especially web categories — SSRF, deserialization, XXE, prototype pollution) Certifications: OSCP, BSCP, CPTS, or equivalent hands-on certs Prior experience integrating security tooling with Python automation What You’ll Gain Direct mentorship from founders with deep security and AI backgrounds Hands-on role building a production-grade autonomous pentesting platform — your work ships to real customers Exposure to cutting-edge LLM/AI integration in offensive security workflows Fast-track to a full-time offer with market salary Interview Process Founder Call (30 min) — background, bug bounty stories, culture fit Technical Assessment (24h) — real-world web app challenge; we want to see your methodology, not just your answer Security Lead Round (45 min) — deep dive into your solution, past findings, and how you think about automation bugbounty vapt redteaming cybersecurity

Source: Recruit.net