{bc}
indeed

Information Security Intern

Tabby
الرياض, KSA
Internship
Intern
1 weeks ago
Vulnerability AssessmentPenetration TestingOWASP Top 10Burp SuitePythonGo
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Vulnerability AssessmentPenetration TestingOWASP Top 10
Smart Apply

Full Job Posting

Description

  • Tabby builds financial products used by millions of users across the GCC. We work on high load, security critical systems with strict regulatory requirements. The Information Security function protects Tabby across mobile apps, backend services, payment integrations, and cloud infrastructure.
  • This internship is not educational by default. It is an engineering role with real responsibility.
  • Information Security at Tabby covers two complementary tracks: VAPT and GRC.
  • The internship is designed for strong early career engineers who want to grow as security practitioners.

Key Responsibilities

  • Triage findings from SAST, DAST, SCA, and dependency scanners across mobile and backend repos.
  • Reproduce and document vulnerabilities; write clear remediation tickets for product teams.
  • Contribute to secure code reviews on selected merge requests (auth, input validation, data handling).
  • Participate in threat modelling sessions for new features and produce write ups.
  • Run scoped assessments against staging environments under senior sign off.
  • Help maintain security tooling: scanner configs, baseline rules, dashboards, false positive triage queues.
  • Help with security checks during release cycles.
  • Contribute to DevSecOps — security gates in CI/CD pipelines, dependency and container image scanning.
  • Exposure to logging, monitoring, and alert triage workflows alongside the SOC.
  • Participate in incident response exercises and post mortems alongside senior engineers.

Skills, Knowledge & Expertise

  • Solid understanding of information security fundamentals: confidentiality, integrity, availability; common attack categories (OWASP Top 10) and common control categories.
  • Understanding of HTTP, TLS, DNS, and TCP/IP fundamentals.
  • Understanding of authentication and authorization patterns (sessions, cookies, OAuth 2.0, JWT).
  • Familiarity with Linux command line and POSIX like environments.
  • Ability to read technical material and explain it clearly in writing.
  • Experience with Git and standard development workflows.
  • Strong ethical mindset and discretion.
  • English sufficient for documentation and team communication.

Format

  • Paid internship.
  • Full integration into the Information Security team.
  • Distributed engineering team across multiple countries.
  • Open to Saudi nationals (Saudi passport required); location flexible.
  • Office first in Riyadh where possible.
  • Clear path to a junior Information Security engineer role based on performance.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Tabby