Product Security Graduate Intern (Summer 2026)

Sigma Computing•San Francisco, CA

1d•Hybrid

About The Position

Our internship program at Sigma: Sigma’s early career program is the launchpad for the next generation of engineers and innovators. As an Intern at Sigma, you’ll work on various Security domains and learn efficient Security engineering for large scalable systems/environments. Our interns connect directly with our engineers, product leaders, and designers across the organization everyday. We’re looking for students who bring curiosity, a spirit for collaboration, and a desire for securing the world. Sigma is shaping the future of business insights and data visualization. About the role: Our Product Security Engineer Internship (Graduate Student) is designed to provide exposure to a variety of security tasks that one should expect as a junior or entry-level Product Security Engineer. This Product Security Engineer internship will provide you the opportunity to solve Sigma’s critical Product security and data protection related challenges.

Requirements

Current graduate student: You must be currently enrolled in a university graduate degree program in the U.S with a graduation date of December 2026 or later
Able to intern from May / June 2026 through August / September 2026 (12 weeks)
Authorization: You must be legally authorized to work in the US during the Summer 2026 program
Visa sponsorship is not available for our internship positions
Location: Located within the San Francisco Bay Area or willing to relocate during the internship. Relocation assistance will be provided for students who will need to relocate for the summer.
Able to work 40 hours per week (full-time) in a hybrid work model with a minimum of 4 days in office for in person collaboration with our team
Currently pursuing a Master’s degree in Computer Science, Engineering, or a related field, with a demonstrated interest / experience in security.
Hands on development experience in one or more of the following: Python, Go, Rust, TypeScript, JavaScript, or Java.
Solid understanding of common product security vulnerabilities (e.g., authn/authz issues, injection, data exposure, isolation failures) and typical mitigation strategies.
Self-starter who can take security problems, break them down, and drive them forward with minimal oversight.
Curiosity about modern attack techniques and a willingness to experiment, learn, and think adversarially.
Strong written and verbal communication skills, with the ability to explain security findings clearly to engineering partners.
A pragmatic mindset focused on improving security without unnecessarily impacting developer productivity or delivery velocity.

Responsibilities

Participate in threat modeling and security design reviews for new and existing features, including AI-enabled product capabilities.
Assist with application security code reviews, with an emphasis on identifying systemic patterns and classes of vulnerabilities.
Perform offensive security assessments, including penetration and red team style testing, and adversarial simulation, to proactively identify vulnerabilities and strengthen defenses.
Research, test, and validate potential security issues across Sigma cloud environment, network application services and data flows.
Triage and verify reported vulnerabilities using a data-driven approach, perform root cause analysis, and partner with engineers to drive remediation.
Design, build, or extend security pipelines that leverage AI or ML to improve signal quality, prioritization, or developer experience.
Track security metrics and produce clear documentation for areas of ownership.
Scope, design, and deliver projects in collaboration with Product Security and Engineering mentors, with the option to focus on an AI-driven security initiative or a core product security problem.