Funding Societies | Modalku is the largest SME digital finance platform in Southeast Asia.
We are licensed and operating in Singapore, Indonesia, Thailand, Malaysia and Vietnam, and backed by Sequoia India (Peak XV), Softbank Vision Fund, Khazanah and SMBC bank amongst many others.
Funding Societies | Modalku provides business financing to small and medium-sized enterprises (SMEs), which is funded by individual and institutional investors, as well as payments solutions to SMEs and consumers.
Here at Funding Societies | Modalku we live by our core values GETFS: Grow Relentlessly: Strive to become our best, most authentic selves.
Enable Teamwork, Disable Politics: Only by forging togetherness, we help each other succeed.
Test Measure Act: Stay curious and reinvent ourselves, through innovation and experimentation.
Focus on Impact: Create impact through bias for action and tangible results.
Serve with Obsession: Build win-win relationships for the long-term by having a customer obsession.
We are looking for a highly motivated and curious Product Security Intern .
under the expertise and guidance of our internal security team, you will explore how Generative AI can accelerate security workflows, research autonomous penetration testing frameworks, and help us embed robust Secure Software Development Life Cycle (SDLC) practices directly into our engineering culture.
If you are passionate about hacking , building secure software, and Interested to learn and build together how to leverage AI to outsmart adversaries, this is the role for you.
What You Will Do GenAI-Accelerated Security: Research and prototype ways to use Large Language Models (LLMs) and Generative AI to automate threat modelling, triage vulnerability reports, and generate remediation code for developers.
Autonomous Penetration Testing: Assist in evaluating, building, or deploying autonomous Secure AI agents and scripts designed to automate Offensive Security Testing within our test environments.
Secure SDLC Integration: Work alongside security engineers to integrate and tune Static (SAST), Dynamic (DAST), Supply Chain Security and Software Composition Analysis (SCA) tools within our CI/CD pipelines.
Vulnerability Management: Analyse security findings, filter out false positives, and collaborate with software engineers to remediate potential vulnerabilities.
Research & Documentation: Stay up to date on the latest AI-driven attack vectors (e.
g., prompt injection, model poisoning) and document internal security guidelines for safe AI adoption.
Flexible working - We believe in giving back the control of work & life to our people.
We trust our people and love to provide the space to accommodate each and everyone's working style and personal life.
Mental health and wellness - We understand that our team productivity is directly linked to our mental and physical health.
Hence we organize org-wide fitness initiatives and engage partners to provide well-being coaching.
Tech support - We provide a company laptop for our employees and the best possible support for the right equipment/tools to enable high productivity Interested to know more about us?
Learn about our Stories here.
What We Are Looking For Core Security Knowledge: Solid understanding of common vulnerabilities (e.
g., OWASP Top 10) and fundamental security concepts (authentication, cryptography, networking).
Programming Skills: Proficiency in at least one programming or scripting language (e.
g., Python, Go, JavaScript, or bash) to write automation scripts and interact with APIs.
AI/ML Curiosity: A strong interest in Generative AI, LLMs, and how AI can be applied offensively and defensively in cybersecurity.
(Prior experience using LLM APIs like OpenAI, Gemini, or Anthropic is a major plus).
Builder’s Mindset: Familiarity with modern software development stack/ tools , version control (Git), and an understanding of basic CI/CD concepts.
Problem Solver: Excellent analytical skills with a proactive approach to tackling complex, ambiguous problems.
Education: Background in Computer Science, Cybersecurity, Information Security, or a related technical field.
What You’ll Get Out of It Expert Mentorship & Training: Learn directly from our in-house security experts.
You will receive hands-on training on how to secure an organization comprehensively at every layer of the SDLC and Beyond.
Strategic Collaboration: Join hands with our security engineers to be an active, contributing member of our GenAI-accelerated security program.
Impact: Your research and code will directly influence how our security team scales its operations.
