Summer 2023 - Product Security Office Intern

Note: we have multiple internship positions posted. Please consider applying for no more than 3 roles to ensure your application is being reviewed for the position(s) that best align with your career interests and goals.

Nice to meet you!  

We’re the leader in analytics. Through our software and services, we inspire customers around the world to transform data into intelligence – and questions into answers.   

We’re also a debt-free multi-billion-dollar organization on our path to an Initial Public Offering (IPO) in 2024. If you’re looking for a dynamic, fulfilling internship coupled with flexibility and world-class employee experience, you’ll find it here.  

What you’ll do 

Looking for *that* internship? The game-changing one that’ll help you learn, grow, and chart your path forward? You’ll find it at SAS. Our interns aren’t coffee runners – they do real, meaningful work. Our award-winning internship program is focused on development, culture, and community. We’ll help you grow professionally, find (or further) your passion, and make memorable connections that last beyond the summer.  

The mission of the Product Security Office (PSO) is to mature SAS’ software security program by enabling product teams to adopt and perform security practices throughout the development lifecycle. The Product Security office leads secure architecture design practices, third party penetration testing and bug bounty programs, and product security incident response efforts in R&D to ensure SAS products meet customer, legal, and industry security expectations.

As an intern, you might: 

• Collect and analyze security data and propose opportunities for security improvements in SAS products and processes
• Participate in security activities such as threat modeling, rapid risk assessments, pen test and bug bounty coordination and triage, operating tools such as SAST, SCA, DAST, etc
• Code and test pieces of automation to streamline security practice efforts such as incident response and triage
• Triage bug bounty findings and route them through vulnerability management processes
• Set up and complete proof-of-concept (POCs) for tools or technology for the PSO to assess

What we’re looking for

• You’re curious, passionate, authentic and accountable. These are our values and influence everything we do.
• Have strong communication skills – both written and verbal. 
• Be a leader. You’re the one sitting in the front row of the class. 
• Embrace technology. You geek out over the latest and greatest!
• You’re a college student enrolled in an accredited program, not graduating prior to December 2023. 
• Targeted majors: Computer Science, Cybersecurity, Engineering, or related discipline
• You enjoy both building and breaking software
• Proficient in one or more programming languages (such as Go, Python, React, javascript, java, etc )
• Good analytical and debugging skills; creative ability, good organizational skills
• Ability to work well in teams, communicate clearly, and deliver projects on time
• Self-motivated and proactive under general supervision
• Excellent written & oral communication skills

Nice to haves

• Interest in or experience with ethical hacking (participation in bug bounties, CTF)
• Interest in or experience with code review and secure coding (OWASP Top 10)
• Actively maintained personal Github repository
• Contribution to or experience using open source security tooling
• Any of the following:
  • Knowledge of information security concepts and controls
  • Knowledge of application, web app, API security
  • DevOps tooling
  • Data analysis

Timeline

• Applications open: February 2023
• Interviews begin: March – April 2023
• Internship dates: May 16, 2023 – August 4, 2023. We can be flexible on start date if your university is on a quarter system.

Location

• Cary, HQ or fully remote (United States only)

Perks of the job 

• Work with (and learn from) the best. As an intern, you’ll get face time with our top executives! 
• Free SAS programming training and certification.   
• At SAS, the Future of Work is whatever you want it to be. Want to work remotely? That’s cool. Prefer a mix of sweatpants and in-person collaboration? That’s great, too.  
• Your well-being matters, and that’s why we support all dimensions of your well-being by offering programs that reduce stress and distractions to help you stay healthy and productive.  This includes an on-site and remote Work/Life Center staffed by master’s level Social Workers and an Employee Assistance Program.
• We work hard, but we like to play hard, too. Enjoy hackathons, social events and other opportunities to connect engage.  

Diverse and inclusive    

At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.    

Additional Information 

To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: Equal Employment Opportunity is the Law. Also view the supplement EEO is the Law, and the Pay Transparency notice.    

Equivalent combination of education, training and experience may be considered in place of the above qualifications. The level of this position will be determined based on the applicant's education, skills and experience. Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.  

 All valid SAS job openings are located on the Careers page at www.sas.com. SAS only sends emails from verified “sas.com” email addresses and never asks for sensitive, personal information or money. Should you have any doubts about the authenticity of any type of communication from, for, or on behalf of SAS, please contact us at Recruitingsupport@sas.com before taking any further action. 

Pay Transparency: The hourly rate for SAS internships is determined by the applicant’s year in school and the position they are hired into. Hourly rates range from $15 – $31 for associate’s/bachelor’s level positions and $29 - $49/hour for master’s/Ph. D positions. Internship roles are not eligible for bonus.

Salary : $15 - $31