Security Engineer - Mercari (Internship)

As an Intern in the Mercari Security Engineering and Strategy Team, you will have the opportunity to participate in security design, process reviews as well as develop and deploy security countermeasures, and execute penetration tests. This is a unique role within Mercari since you will be involved in high-stakes projects across the organization. The candidate will be exposed to the following topics, and will be invited to work on one opportunity of his/her choice:

• Monitoring and log analysis
• Penetration testing, threat modeling and security automation
• Web and mobile application security testing
• Technical project management

For each of these topics, the candidate will need to:

• Learn about Mercari’s infrastructure
• Create a map representing how systems interact with each other understand the underlying code and structure
• Conduct supervised experimentation to achieve a decided objective
• Describe discoveries, identify for improvements, and present findings to the stakeholders
• Cooperate with the system owners to plan improvements

Why would Mercari be a good place to learn about these topics?

• Mercari’s infrastructure relies on current cloud base technology
• The scale of the data and systems that Mercari is using makes it a challenging environment and a unique opportunity to tackle difficult problems

Unique and Bold Challenges

• The Security Engineering and Strategy team at Mercari is responsible for dealing with a vast array of data, logs, and dependencies. As a member of the team, you will be able to employ cutting-edge and complex cloud infrastructure systems to help us tackle complex challenges.

• With a rapidly growing number of organizations and services, it is extremely important for Mercari to introduce automation and reduce dependency on manual work as much as possible. This is an exciting opportunity to gain experience in helping us build out our security systems and solve interesting challenges in a fast-paced environment.

Responsibilities

• Shared understanding and belief in our company’s mission and values
• Strong interest in security
• Able to work more than 20 hours per week for 2 or 3 months
• Programming experience with one or more programming languages including but not limited to: Go, Python, PHP, Javascript
• Enrolled in a Bachelor’s degree (or higher) program or technical school in Computer Science, Information Security, or other engineering-focused major
• Effective interpersonal and communication skills
• Basic Linux understanding and an ability to operate Linux
• Basic familiarity with SQL Querying
• Able to join our internship from September 2024

Requirements

• Basic understanding or strong interest in any of the following:
  • Public cloud infrastructure platforms (GCP, AWS or Azure)
  • Container and orchestration technologies (Docker, Kubernetes)
  • Capture the flag (CTF), bug bounty, penetration testing, Web or mobile application security testing,
  • Security automation and DevSecOps
• Basic experience with software development tools such as Git, dependency management, build and deployment tools
• Understanding of modern Web or mobile applications

Compensation