Security Engineering Intern, Red Team

Location TBD·Posted today
cryptoweb3blockchainsmart-contractsdefifintechcybersecurityinfrastructurelogisticspythongoaws
Are you ready to be the first line of offense for one of the fastest-growing companies in the Cryptocurrency and Blockchain space? We're looking for a Security Engineering Intern (Red Team Sector) to think like an adversary, break things before attackers do, and help us build a platform our users can trust with their assets. In crypto, every vulnerability has an immediate, irreversible dollar value attached. That's the bar you'll be operating at. What you'll be doing: Offensive security engagements across our web, mobile, API, and microservice surfaces, as well as cloud infrastructure and internal systems. Perform application security assessments and penetration tests, with a focus on the attack paths that matter most in a crypto/fintech context: authentication and session handling, wallet and key management flows, transaction integrity, withdrawal and KYC bypasses, business logic abuse, and privilege escalation. Conduct manual secure code review on production codebases to find vulnerabilities that scanners miss, with particular attention to financial logic, race conditions, and trust-boundary violations. Research emerging threats in Web3, mobile, and cloud — new exploitation techniques, smart contract attack patterns, DeFi exploits, supply chain attacks — and translate them into proactive testing methodologies before they hit production. Write robust scripts, automate offensive workflows, and create frameworks that scale red team coverage across a fast-moving codebase. What we're looking for: Knowledges in offensive security, penetration testing, or red teaming, with demonstrated hands-on experience in web and mobile application security, through CTF competition or bug bounty engagement. Final year at university with degree focusing on Computer Science, Information Systems, Engineering. Strong fundamentals in offensive security, application security, and security engineering. Strong familiarity with Linux and cloud ecosystems, especially AWS. Proficiency with industry-standard tooling: Burp Suite, intercepting proxies, fuzzers, and the broader pentester's toolkit. Working knowledge of OWASP (Top 10, ASVS, MASVS), CWE, and modern appsec frameworks. A builder's mindset; comfortable scripting and automating in Python, Go, or similar to scale your own work. Outstanding written and verbal communication in English , the ability to distill technical nuance into narratives that drive engineering and business change. A collaborative spirit, eager to work alongside engineers, researchers, and product teams to embed security into every phase of development. Advanced understanding and/or experience working in a Cryptocurrency/Blockchain/Fintech/Finance Trading domain preferred What’s in it for you: Hands-on experience across multiple cybersecurity domains Mentorship from experienced security professionals Exposure to enterprise-grade security tools and technologies Opportunity to participate in real security operations and projects Potential pathway to full-time employment based on performance Flexible schedule to accommodate academic commitments Duration 3-6 months , with possibility of extension based on performance and mutual agreement. Find out more about Coinhako here https://www.coinhako.com/ and don't forget to visit our Careers Page https://www.coinhako.com/join-us By submitting your application to us, you consent to the collection, use, disclosure and processing of your personal data in accordance with our privacy policy, which is accessible at https://www.coinhako.com/legal/sg-1/privacy_policy .