Offensive Security Intern

The internship opportunity at Help AG in the Offensive Security Team will provide an opportunity for students to learn and work with enterprise security technologies, supporting our customers by identifying vulnerabilities and strengthening their security posture through controlled testing and assessments. This internship will provide hands-on experience with the tools, techniques, and methodologies used by our offensive security team to simulate real-world cyber threats.

Responsibilities:

• Work with the current team on understanding the Vulnerability Assessment and Penetration Testing (VAPT) process

• Assist in performing basic vulnerability assessments and support ongoing penetration testing activities.

• Support the team in identifying, validating, and documenting security vulnerabilities.

• Assist in reconnaissance and information gathering activities under guidance.

• Work with internal teams to understand findings and support remediation discussions

• Actively participate in labs, simulations, and internal exercises to build offensive security skills.

• Successfully complete training on at least 3 offensive security tools/areas (e.g., Burp Suite, Metasploit, Nmap, OWASP Top 10, etc.) and aim to achieve relevant certifications.

• Assist in preparing reports, project documentation, POCs, and internal knowledge-sharing materials.

Qualifications & Skills:

• Pursuing or recently completed a Bachelor's in Computer Science, Cybersecurity, or related field. Specialization or coursework in offensive security, penetration testing, or ethical hacking is preferred.

• Solid understanding of TCP/IP, OSI model, common protocols (HTTP/S, DNS, SMB, SSH), and basic network troubleshooting.

• Working knowledge of Linux (Kali, Parrot, or Ubuntu) command line and scripting fundamentals in Python or Bash.

• Familiarity with offensive security concepts: reconnaissance, vulnerability scanning, exploitation basics, and the MITRE ATT&CK framework.

• Exposure to common tools is a plus: Nmap, Burp Suite, Wireshark, Metasploit, or similar.

• Hands-on practice via platforms such as Hack The Box, TryHackMe, PortSwigger Web Security Academy, or CTF participation is highly desirable.

• Offensive security certifications are a strong plus: OSCP/OSCP+ (highly preferred), PNPT, CRTP, eCPPT, or eJPT. Candidates actively pursuing OSCP+ are particularly encouraged to apply.

• Understanding of OWASP Top 10 and basic web application security concepts.

• Strong written and verbal communication in English; Arabic is an advantage.

• Comfortable with Microsoft Office (Word, Excel, PowerPoint) for reporting and deliverables.

• Curiosity, integrity, and a documented learning trail (GitHub, write-ups, blog, HTB profile) - evidence of self-driven learning is valued.

• Flexible working hours during active engagements; willingness to learn client-facing professionalism.

   

Benefits:

• Career progression and growth through challenging projects and work

• Employee engagement and wellness campaigns activities throughout the year

• Excellent learning and development opportunities

• Inclusive and diverse working environment

• Flexible/Hybrid working environment

• Open door policy

About Us:

Help AG is the cyber security arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat group in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.