GitGuardian is a French cybersecurity startup helping developers and security teams secure source code.
Built by developers for developers, their mission is to protect businesses against unauthorized access to some of their most critical systems and data.
GitGuardian already helped more than 100 of the Fortune 500 as well as government organizations find exposed sensitive information that they call secrets on GitHub, that could often lead to tens of millions of dollars in potential damage.
Founded in 2017, they are post Series A and growing fast! They are supported by top-tier VCs and world-class investors who believe in their vision and ability to execute the business such as Solomon Hykes (Docker), Scott Chacon (Github), Renaud Visage (Eventbrite).
Based in Paris they are a true citizen of the world with more than 80% of their customers in the United States.
The Guardians are young, passionate and aiming high!
As a data analyst intern at GitGuardian, you will join a unique team like no other: the Secret Detection team that develops our secret detection engine.
Our engine scans Github in real time searching for vulnerabilities (API keys, database connexion strings, passwords…) and analyzes 2,5M commits / a day, to raise 20k secrets embedded within the source code!!!
In extension, the Secret Detection team is responsible for maintaining the high accuracy of our engine by leveraging more than 10 billion documents of historical data.
On a daily basis you will:
- Develop a statistical learning approach to improve the performance of our current algorithms
- Build some rules and heuristics to improve our precision and recall techniques
- Enrich our detection capabilities by:
- Expand our secret detection scope : introduce new API providers’ in our detectors set
- Explore new types of secrets : high entropy detectors, weak signals, sensitive files …
- Benefit from working closely with other highly-skilled developers that provide feedback and help you develop your skills!
- Enjoy working with good practices, in an agile methodology with your Lead Developer on 2 weeks sprints releases
- Participating in the growth of our technical teams! We are growing from 20 to 30 developers to support our growth in 2021. This position might lead to a full time working contract!
Our technical stack:
- Backend: Python, Jupyter, Pandas
- DB: Elasticsearch (+ Kibana)
- Deployment: Docker, Terraform, AWS
Why join us?
As a post Series A startup, we are facing many exciting and strategic challenges and we are experiencing rapid growth!
We offer an amazing opportunity to be a part of a strong technical DNA company (built by developers for developers), with a strong impact on the open source community (our free product for individual developers, already alerted 400K developers!)
We built a product that scans GitHub for sensitive information (API keys, database connection strings, proprietary code, etc.), at scale (2.5M commits/day). We seek to automate the creation of “policies” that are enforced at every stage of the development lifecycle (IDE and pre-commit, CI) to make the source code more secure.
Our offices are based in central Paris (75011) and each person of the team can do remote work for 2 days a week in order to facilitate a good work - life balance.
- Currently enrolled in a Computer Science degree in the top 10 French Engineering Schools.
- Previous software development experience using Python and data analysis frameworks
- Experience working with the following: Unix/Linux, Git, familiar with a CI/CD environment
- Good general knowledge in computer science, one : familiar with curl or requests, knowledgeable on various protocols of the internet (SMTP, SSH, …)
- Previous experience using Docker
- We are looking for a team-player ready to contribute to GitGuardian’s philosophy : a documentation-oriented team, demanding reviews, helping others, enthusiastic about learning new skills everyday!
- You don’t embed API keys in your code ;-)
- Previous experience as an intern in a startup environment
- Visio call with the HR department
- Technical test
- Team interview (in office or remotely)
- Feedback + technical interview with the CTO