Security Engineer Intern
Notable · San Mateo, CA · 2 wk ago
HybridEngineeringFull-time
Role Summary
Notable is transforming healthcare with intelligent automation. As a Security Engineer Intern, you will help design, build, and automate controls that protect our platform and data, partnering closely with Security, Infrastructure, and Product Engineering.
What You’ll Do
- Build and automate security controls and guardrails in collaboration with Security and Infra (examples: IaC policy checks, least‑privilege baselines, automated secrets detection in CI/CD).
- Create or tune detections and response playbooks for key risks; validate via simulation and document runbooks.
- Contribute to secure-by-default developer workflows (pre-commit hooks, SAST/DAST pipelines, dependency scanning) and help triage/track findings to closure.
- Implement small, measurable improvements to cloud security posture (e.g., misconfiguration checks, logging/telemetry coverage, tagging/ownership hygiene).
- Write clear documentation and operational SOPs for what you build; hand off with measurable acceptance criteria.
- Partner on security reviews for low-to-medium risk changes and help track mitigations.
You’re a Great Fit if
- You’ve built things: coursework or projects in security engineering, cloud, or DevSecOps; comfortable reading code and automating with at least one language (Python, Go, or similar).
- Familiar with common security domains such as cloud security (GCP/AWS/Azure), identity and access management, CI/CD security, container/Kubernetes basics, or detection engineering.
- Strong communicator; can turn ambiguous problems into a small, shippable plan with milestones.
Nice to Have
- Hands-on with infrastructure-as-code (Terraform), policy-as-code (OPA/Conftest), and CI systems (GitHub Actions, GitLab, or similar).
- Experience with log pipelines and SIEM/analytics tools; basic detection authoring.
- Familiarity with secure software development practices and OWASP Top 10.
- Exposure to healthcare, regulated environments, or privacy-centric design.