Offensive Security Intern

The internship opportunity at Help AG in the Offensive Security Team will provide an opportunity for students to learn and work with enterprise security technologies, supporting our customers by identifying vulnerabilities and strengthening their security posture through controlled testing and assessments. This internship will provide hands‑on experience with the tools, techniques, and methodologies used by our offensive security team to simulate real‑world cyber threats.

• Work with the current team on understanding the Vulnerability Assessment and Penetration Testing (VAPT) process
• Assist in performing basic vulnerability assessments and support ongoing penetration testing activities.
• Support the team in identifying, validating, and documenting security vulnerabilities.
• Assist in reconnaissance and information gathering activities under guidance.
• Work with internal teams to understand findings and support remediation discussions
• Actively participate in labs, simulations, and internal exercises to build offensive security skills.
• Successfully complete training on at least 3 offensive security tools/areas (e.g., Burp Suite, Metasploit, Nmap, OWASP Top 10, etc.) and aim to achieve relevant certifications.
• Assist in preparing reports, project documentation, POCs, and internal knowledge‑sharing materials.

• Pursuing or recently completed a Bachelor's in Computer Science, Cybersecurity, or related field. Specialization or coursework in offensive security, penetration testing, or ethical hacking is preferred.
• Solid understanding of TCP/IP, OSI model, common protocols (HTTP/S, DNS, SMB, SSH), and basic network troubleshooting.
• Working knowledge of Linux (Kali, Parrot, or Ubuntu) command line and scripting fundamentals in Python or Bash.
• Familiarity with offensive security concepts: reconnaissance, vulnerability scanning, exploitation basics, and the MITRE ATT&CK framework.
• Exposure to common tools is a plus:
  Nmap, Burp Suite, Wireshark, Metasploit, or similar.
• Hands‑on practice via platforms such as Hack The Box, Try Hack Me , Port Swigger Web Security Academy, or CTF participation is highly desirable.
• Offensive security certifications are a strong plus: OSCP/OSCP+ (highly preferred), PNPT, CRTP, eCPPT, or eJPT. Candidates actively pursuing OSCP+ are particularly encouraged to apply.
• Understanding of OWASP Top 10 and basic web application security concepts.
• Strong written and verbal communication in English;
  Arabic is an advantage.
• Comfortable with Microsoft Office (Word, Excel, PowerPoint) for reporting and deliverables.
• Curiosity, integrity, and a documented learning trail (Git Hub, write‑ups, blog, HTB profile) - evidence of self‑driven learning is valued.
• Flexible working hours during active engagements; willingness to learn client‑facing professionalism.

• Career progression and growth through challenging projects and work
• Employee engagement and wellness campaigns activities throughout the year
• Excellent learning and development opportunities
• Inclusive and diverse working environment
• Flexible/Hybrid working environment
• Open door policy