Security Engineer Intern, Product

Meta's Product Security team focuses on detection, prevention, and mitigation of risk that is inherent in building software -- whether that means vulnerability research or building software. Product Security Engineers provide guidance and tooling to engineering and product teams that help minimize the security and privacy risk for over 3 billion of our users. The scale, diversity, and importance of the products we secure is an inspiring mission -- come help us make life hard for the bad guys!Meta's Product Security team is hiring security interns focused in several areas:Web Security: focused on securing web applications/APIs and ensuring we have robust architectural browser protections. Web Security Engineers on Product Security team work on a wide range of projects in PHP, Python, Perl, Ruby, etc.Mobile Security: focused on securing an ecosystem of mobile applications and platform security for Android (Java, Kotlin) and iOS (Swift, Objective-C), including custom hardware devices.Native
Security: focused on lower level systems which are closer to the hardware and physical components of computers. Native Security Engineers on Product Security team work on a wide range of projects in the C/C++/Rust space.These engineering roles will partner closely with the following teams:Secure Application Frameworks: a team focused on building libraries, frameworks, and platforms that enable developers to write secure software and enable security engineers to perform automated analysis at scale.Program Analysis: teams of software engineers who build static and dynamic analysis tools to detect and prevent security and privacy issues at scaleProduct Teams: various teams across engineering that are focused on building services but need security guidance in order to build secure applications.If you're passionate about security and helping secure products that billions of people use and trust, come join us at Meta!, 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more.
2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities.
3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products.
4. Research, develop, and apply mitigations to products so that vulnerabilities cannot be turned into exploits

5. Currently enrolled in a full-time, degree-seeking program and in the process of obtaining a Bachelors or Masters degree in computer science or a related field
6. Experience with exploiting common security vulnerabilities.
7. Experience finding vulnerabilities in interpreted languages (C, C++, php, ruby, python). Knowledge of secure code development.
8. Proven project management and execution skills
9. Self-motivated and proactive, with ability to identify key areas of focus and take initiative to drive results
10. Strong communication and collaboration skills
11. Must obtain work authorization in the country of employment at the time of hire and maintain ongoing work authorization during employment.

Preferred Qualifications:

Preferred Qualifications:
12. Intent to return to full-time degree program after completion of the internship
13. Experience with exploiting common security vulnerabilities
14. Experience writing software that enables security processes
15. Contributions to the security community (public research, blogging, presentation, open source, etc.)