Security Engineering Intern, Red Team
Coinhako
📍 On-site
Category: SecuritySubcategory: Security EngineerType: Internship
Are you ready to be the first line of offense for one of the fastest-growing companies in the Cryptocurrency and Blockchain space? We're looking for a Security Engineering Intern (Red Team Sector) to think like an adversary, break things before attackers do, and help us build a platform our users can trust with their assets.
In crypto, every vulnerability has an immediate, irreversible dollar value attached. That's the bar you'll be operating at.
What you'll be doing:
-
Offensive security engagements across our web, mobile, API, and microservice surfaces, as well as cloud infrastructure and internal systems.
-
Perform application security assessments and penetration tests, with a focus on the attack paths that matter most in a crypto/fintech context: authentication and session handling, wallet and key management flows, transaction integrity, withdrawal and KYC bypasses, business logic abuse, and privilege escalation.
-
Conduct manual secure code review on production codebases to find vulnerabilities that scanners miss, with particular attention to financial logic, race conditions, and trust-boundary violations.
-
Research emerging threats in Web3, mobile, and cloud — new exploitation techniques, smart contract attack patterns, DeFi exploits, supply chain attacks — and translate them into proactive testing methodologies before they hit production.
-
Write robust scripts, automate offensive workflows, and create frameworks that scale red team coverage across a fast-moving codebase.
What we're looking for:
-
Knowledges in offensive security, penetration testing, or red teaming, with demonstrated hands-on experience in web and mobile application security, through CTF competition or bug bounty engagement.
-
Final year at university with degree focusing on Computer Science, Information Systems, Engineering.
-
Strong fundamentals in offensive security, application security, and security engineering.
-
Strong familiarity with Linux and cloud ecosystems, especially AWS.
-
Proficiency with industry-standard tooling: Burp Suite, intercepting proxies, fuzzers, and the broader pentester's toolkit.
-
Working knowledge of OWASP (Top 10, ASVS, MASVS), CWE, and modern appsec frameworks.
-
A builder's mindset; comfortable scripting and automating in Python, Go, or similar to scale your own work.
-
Outstanding written and verbal communication in English, the ability to distill technical nuance into narratives that drive engineering and business change.
-
A collaborative spirit, eager to work alongside engineers, researchers, and product teams to embed security into every phase of development.
-
Advanced understanding and/or experience working in a Cryptocurrency/Blockchain/Fintech/Finance Trading domain preferred
What’s in it for you:
-
Hands-on experience across multiple cybersecurity domains
-
Mentorship from experienced security professionals
-
Exposure to enterprise-grade security tools and technologies
-
Opportunity to participate in real security operations and projects
-
Potential pathway to full-time employment based on performance
-
Flexible schedule to accommodate academic commitments
Duration 3-6 months, with possibility of extension based on performance and mutual agreement.
Find out more about Coinhako here https://www.coinhako.com/ and don't forget to visit our Careers Page https://www.coinhako.com/join-us
By submitting your application to us, you consent to the collection, use, disclosure and processing of your personal data in accordance with our privacy policy, which is accessible at https://www.coinhako.com/legal/sg-1/privacy_policy.
Share This Job
Coinhako
WebsiteSafe, reliable and seamless access to the crypto-economy
Established in 2014, Coinhako is a reliable provider of cryptocurrency access. Based in Singapore, the company offers on- and off-ramp crypto services to retail, high-net-worth, and institutional clients globally. The platform was created by entrepreneurs from Singapore.