Web Penetration Testing Intern - LATAM

COMPANY PROFILE

Insight Assurance is a security and compliance firm trusted by over 1200 organizations for their SOC 2, PCI DSS, ISO 27001, and HIPAA audit needs. Insight Assurance is a licensed CPA firm, PCI Qualified Security Assessor (QSA), and ISO 27001 Certification Body founded by former Big-4 professionals (Former EY) looking to simplify the world of IT compliance.

 

About the Role

Are you passionate about cybersecurity and eager to develop practical skills in web application penetration testing? Join our team as a Web Penetration Testing Intern, where you’ll learn how to identify and analyze web vulnerabilities, use industry-standard tools, and apply frameworks like OWASP and MITRE ATT&CK. This internship offers hands-on experience and real-world exposure to the field of ethical hacking and web security.

Responsibilities

As a Web Penetration Testing Intern, you’ll work alongside experienced security professionals to:

· Learn and apply web application security concepts, including the OWASP Top 10 vulnerabilities.

· Conduct penetration testing exercises on vulnerable applications

· Use industry tools to identify and exploit vulnerabilities.

· Perform reconnaissance, exploit vulnerabilities, and map findings to the MITRE ATT&CK framework.

· Solve challenges laid out by the team

· Document findings in detailed penetration testing reports with technical recommendations.

· Present your findings and remediation recommendations to team members.

Qualifications

We’re seeking candidates who have:

· Some technical experience: Familiarity with web technologies (HTML, JavaScript, HTTP), basic networking (TCP/IP, DNS), or Linux fundamentals.

· Educational background: Pursuing or completed a degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).

· Strong analytical skills: A keen eye for detail, problem-solving mindset, and curiosity to dig deeper into technical issues.

· Eagerness to learn: Willingness to tackle challenges, take initiative, and continuously improve.

Bonus Skills (Preferred but not required):

· Exposure to penetration testing tools like Burp Suite, Nmap, or OWASP ZAP.

· Basic programming or scripting knowledge (e.g., Python).

· Experience with platforms like TryHackMe or Hack The Box.

What You’ll Gain

· Comprehensive training in web penetration testing tools and techniques.

· Hands-on experience with real-world security testing workflows.

· Practical knowledge of industry standards like MITRE ATT&CK and OWASP.

· Improved technical, analytical, and report-writing skills.

· A detailed portfolio showcasing your work on labs, reports, and simulated penetration tests.

· Mentorship from experienced cybersecurity professionals.

 

Privacy Notice CCPA: 

• Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
• Insight Assurance does not sell personal data/information under any circumstances.
• You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602

Privacy Notice GDPR:

This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.

We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.

When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.

We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.

The categories of Personal Data under Processing consist of:

• Identification
• Contact
• Education and Professional
• Interview performance
• Evaluation

You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:

• Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know;
• Right of Erasure – you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
• Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
• Rectification – you can rectify your Personal Data at anytime