IT Security Intern


IT Security Intern


We are now seeking interns to work as security researchers for our firm. An initial period of three months could become a one-year internship. Based on successful all-around performance, the candidate may be offered a full time employment at the end of one year. Apart from the fundamental requirements listed further below, the ideal candidate understands that fully embracing an attitude of ownership, proving character integrity, and learning with an attitude of appreciation, will put him/her in direct line for being offered a full time position at the end of one year.

The successfull candidate must be allowed to work full-time in Australia.

Distinguishing Role Characteristics

The role is largely based in conducting security research. Work ethics along with timeliness and an anticipatory vision in seeing beyond the obvious are valuable characteristics of the intern who wishes to thrive at Mossé Security, for the purpose of future growth and advancement within our company.

Qualities

Beyond his or her technical skills, the successful applicant should first and foremost be someone who is personable, neatly presentable, well organized and efficient. Superior communication skills, both verbal and written, as well as interpersonal skills be considered as best matches with the culture and environment of the Company.

The candidate’s work ethics should include dedication and conscientious awareness, focused to deliver the best outcome to clients and consistently achieve client satisfaction through excellence. Choosing to do the very best of actions on a daily basis become habitual actions of a candidate who has discovered and developed his self-leadership.

Essential Duties and Responsibilities
  • Conducts security research and writing tools to contribute to the company’s ‘know-how’
  • Writes decent code and documents it well

Required Knowledge and Skills
  • Write programs in C, Go or Ruby and/or Python, and use SQL
  • Experienced with security tools: Burp proxy, Metasploit, Nessus, Kali, and others
  • Some knowledge of Windows internals: registry, processes, portable executable format, scheduled tasks, users and groups, active directory, event logs, NTFS and FAT file systems, and scripting interfaces.
  • Some knowledge of network protocols: HTTP, FTP, SSH, DNS, etc.
  • Some knowledge of network infrastructure: Active Directory, Windows Server, Databases, Web Servers, Linux etc.

Attributes
  • Excellent communication
  • Professional in demeanor and appearance
  • Prioritize tasks as directed
  • Quick study, whilst maintaining a curiosity for acquiring further learning
  • Punctuality - at work and for meetings, email acknowledgements replied promptly, and messages returned same day are non-negotiable musts
  • Team player

Education Profile

Preference will be given to the candidate who has a B.A. in IT Security, furthermore demonstrating a natural talented and gift for computer security.

  • University graduates with diplomas in IT security or computer science
  • bx0r 1337 hackers with no diplomas, however demonstrating a portfolio and a strong track record of his/her skills.

Inquiries


Technical Assessment

Challenge Description
Programming The Windows utility "reg.exe" allows users to interact with the Windows registry via the command line. With this challenge, we request that you re-implement the "add", "delete", and "query" functionalities of "reg.exe" in, either Golang, Python, or C/C++, and email us your source code. We'll verify your solution by compiling your code, and testing it. You may earn bonus points by implementing other functionalities not listed above.
File Analysis Download and extract the following zip file with some malware samples. The password for the archive is "malware". For each file, answer the following questions:
  • What type of file is it?
  • On what operating system would the file run?
  • Which threat actor is the file associated with, or could be associated with, if any? Why?
  • What parts of the operating system does the file interact with? E.g. the registry, the Service Control Manager, Windows Sockets etc.
Reverse Engineering (optional) This challenge is optional. You may do it if you wish to differentiate from the other candidates applying for this job position.

For each of the malware files provided:
  • Select any sample you want, one or many, and reverse engineer them (partially or completely)
  • Explain why you selected the samples that you did
  • Draft short reports in Word documenting what you learnt about the samples you analysed

What Will We Assess?
  • Knowledge of OS Internals (Windows and Linux)
  • Ability to write simple programs
  • Ability to learn quickly and not give-up when confronted with difficult technical challenges

If you have fun solving the technical challenges above, you'll likely love working with us.

Act Now!

To apply to work for this position, please email your curriculum vitae and solutions to the technical assessment to [email protected]. If you succeed the technical assessment, we guarantee you an interview with us within ten (10) days of verifying your submission.