This is a Information Security Engineer Intern, Security Assurance role with one of the leading companies in AU right now TikTok with an amazing team. They are continuing to grow rapidly. This is the chance to join right as the takes off. More About the Role at TikTok Responsibilities The Security Assurance team is responsible for identifying security vulnerabilities and misconfigurations in numerous aspects of ByteDance applications, systems, and services. In this team, you will have a unique opportunity to learn and experience modern program analysis techniques that include fuzz testing, static analysis, and other hybrid and semi-automated approaches. This role isn't simply a "run a scan and report findings" type of job - it is an exciting and challenging internship that touches upon some of the most interesting aspects of security and software engineering. Our team of application security engineers is specialized in conducting penetration tests and security assessments that safeguard your digital assets. Hailing from diverse backgrounds, they share the same passion for cybersecurity, this group of professionals brings a fresh. Their collaborative spirit and adaptability enable them to tackle intricate challenges with innovative solutions, ensuring your systems remain fortified in the ever-evolving landscape of cyber threats. You'll be part of an enthusiastic and dynamic team specializing in enhancing mobile application security through innovative solutions. Our team members originate from varied backgrounds but share a common passion for cybersecurity. Their collaborative efforts enable them to address complex challenges with creative and effective strategies, ensuring robust security in the face of evolving cyber threats. We are looking for talented individuals to join us for an internship in 2025. Internships at TikTok aim to offer students industry exposure and hands-on experience. Turn your ambitions into reality as your inspiration brings infinite opportunities at TikTok. Internships at TikTok aim to provide students with hands-on experience in developing fundamental skills and exploring potential career paths. A vibrant blend of social events and enriching development workshops will be available for you to explore. Here, you will utilize your knowledge in real-world scenarios while laying a strong foundation for personal and professional growth. Candidates can apply to a maximum of two positions and will be considered for jobs in the order you apply. The application limit is applicable to TikTok and its affiliates' jobs globally. Applications will be reviewed on a rolling basis - we encourage you to apply early. Job Responsibilities This role may involve working with various other engineering teams, such as mobile application development teams, product security teams, software engineering departments, research teams, and infrastructure management. Some of the responsibilities include: - Learning the typical structure of a mobile application based on the Android/iOS operating system and automating the process of application analysis in terms of CI/CD. - Working with the CI/CD artifacts and bills of materials for each application/component to identify priority components for improvement in the application. - Solving tasks related to visualizing the application's research surface based on various attack surfaces. - Generating the attack surface based on the project's transmitted characteristics. - Performing analysis of the security status of the TikTok business lines (e.g. TikTok Live) based on automatically generated attack surfaces. - Extending the internal Mobile Threat Map based on automatically generated attack surfaces. Qualifications Minimum Qualifications - Currently pursuing an Undergraduate/Master degree in Digital Forensics, Cyber or Information Security, Computer Science, Information Technology or related fields. - Able to commit to working for at least 12 weeks during 2025. - Programming and code review capabilities in at least one of the following languages: Kotlin/Java, Python, JavaScript. - Familiarity with common security risks, including their principles, attack and defense strategies, and systematic governance and construction approaches. - Self-driven and capable of coping with ambiguity and applying theoretical concepts in practice. - Demostrable interest in cybersecurity. - Must obtain work authorization in country of employment at the time of hire, and maintain ongoing work authorization during employment. Preferred Qualifications - Graduating December 2025 onwards with the intent to return to degree program after the completion of the internship. - Above-average programming skills, including knowledge of algorithms and complex data structures. - Familiarity with mobile application development for Android and/or iOS platforms. - Experience with CI/CD processes and automation techniques. Ability to work with CI/CD artifacts (e.g. SBOM) and experience in component improvement prioritization. - Track record of finding and reporting vulnerabilities or other bugs discovered through program analysis. - Conducting and publishing research in the program analysis field. - Experience participating in Bug Bounty (aka Vulnerability Reward) Programs, Capture The Flag, or ACM / Programming competitions - Track record of contributions to open source projects. If you don’t think you're a perfect fit, you should still sign up to Hatch and create a profile, we'll match you to other roles that suit your profile. Hatch exists to level the playing field for people as they discover a career that’s right for them. We model this in our hiring process for our partners like TikTok. ✅ Applying here is the first step in the hiring process for this role at TikTok. We do not discriminate on the basis of gender identity, sexual orientation, cultural identity, disability, age, or any other non-merit factors. To put it simply, Hatch is for everyone.
Visit engineeringsuper.com.au to find our PDS and TMD.