Security Summer Intern (US/Canada) - 100% Remote

What is the role?

dotCMS is a cloud-based Digital Experience platform that is changing the way enterprises do digital. We are looking for a Security Summer Intern for a proactive and detail-oriented intern to join our Cybersecurity team this summer to manage our vulnerability disclosure program.

As a Security Summer Intern, you get hands-on experience in managing a critical aspect of cybersecurity in a tech-driven environment and the opportunity to work with experienced cybersecurity professionals, being exposed to real-world cybersecurity challenges and the latest technologies.

We're proud to be 100% remote! dotCMS has been fully remote for over a decade, and as an intern, you may work remotely from any location that is compatible with standard U.S. business hours. Please note this is a full-time internship position for a 4-6 month period, and we are unable to sponsor or take over sponsorship of an employment Visa at this time. Additionally, we are not accepting contractors or C2C candidates.

What is dotCMS?

Founded in 2003, dotCMS is the most agile, scalable and secure content management system for enterprise. Built on leading Java technology, dotCMS is an open-source, hybrid-headless content management system that gives developers the flexibility of a headless CMS while equipping marketers with no-code visual content authoring. Whether you're building a network of global websites, an employee intranet, a customer portal, or a single-page web application, dotCMS helps you manage content, images, and assets in one centralized location and deliver them to any channel. Some of our notable customers include Telus, Standard & Poors, Hospital Corporation of America, Royal Bank of Canada, Deutsche Bank, Comcast, Vodafone, Thomson Reuters, Dairy Queen, Lennox International, Chewy.com, and O'Reilly Autoparts.

Who are we, really?

At "the dot," you'll find a diverse team of authentic individuals who share the goal of building the most agile, scalable, and secure content management system, delighting customers, and having a lot of fun doing it. We're a curious, innovative, and collaborative group that works from anywhere, having been 100% remote long before a pandemic required it. Working remotely is in our DNA, whether it's to enjoy the beautiful views of new countries or just more "you" time outside of work. And since we don't gather around the water cooler in an office, we like to gather around the cool waters of Costa Rica a few times a year for our regular off-sites, where we blow off some steam and re-energize as a group.

What you'll bring to the team:

• Monitor and manage security vulnerabilities reported by active researchers.
• Conduct initial investigation and triage of incoming vulnerability reports.
• Collaborate with security and development teams to identify feasible remediations.
• Assist in the development of mitigation strategies to reduce potential impacts of vulnerabilities.
• Maintain detailed documentation of vulnerabilities, actions taken, and resolutions and respond to the researcher.
• Participate in regular security reviews and updates with the cybersecurity team.

Why we get excited about you:

• Familiarity with security principles, vulnerability management processes, and cybersecurity frameworks.
• Experience with Kanban, GitHub Projects, or similar project management tools is highly desirable.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Currently pursuing a degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Why should you join?

If you have great experience but are tired of being a cog in a giant corporate wheel, this job is for you. It's a chance to create a new product marketing function at an established, growing company with a mature product in use by major global organizations. Everything you do every day, will make a huge impact on our company. Your work will be seen, felt and recognized and your past experience valued.

dotCMS is an equal opportunity employer and prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.