Product Security Intern

Funding Societies | Modalku is the largest SME digital finance platform in Southeast Asia. We are licensed and operating  in Singapore, Indonesia, Thailand, Malaysia and Vietnam, and backed by Sequoia India (Peak XV), Softbank Vision Fund, Khazanah and SMBC bank amongst many others. Funding Societies | Modalku provides business financing to small and medium-sized enterprises (SMEs), which is funded by individual and institutional investors, as well as payments solutions to SMEs and consumers.

Here at Funding Societies | Modalku we live by our core values GETFS: • Grow Relentlessly: Strive to become our best, most authentic selves. • Enable Teamwork, Disable Politics: Only by forging togetherness, we help each other succeed. • Test Measure Act: Stay curious and reinvent ourselves, through innovation and experimentation. • Focus on Impact: Create impact through bias for action and tangible results.

• Serve with Obsession: Build win-win relationships for the long-term by having a customer obsession.

We are looking for a highly motivated and curious Product Security Intern. under the expertise and guidance of our internal security team, you will explore how Generative AI can accelerate security workflows, research autonomous penetration testing frameworks, and help us embed robust Secure Software Development Life Cycle (SDLC) practices directly into our engineering culture. If you are passionate about hacking , building secure software, and Interested to learn and build together how to leverage AI to outsmart adversaries, this is the role for you. What You Will Do• GenAI-Accelerated Security: Research and prototype ways to use Large Language Models (LLMs) and Generative AI to automate threat modelling, triage vulnerability reports, and generate remediation code for developers. • Autonomous Penetration Testing: Assist in evaluating, building, or deploying autonomous Secure AI agents and scripts designed to automate Offensive Security Testing within our test environments. • Secure SDLC Integration: Work alongside security engineers to integrate and tune Static (SAST), Dynamic (DAST), Supply Chain Security and Software Composition Analysis (SCA) tools within our CI/CD pipelines. • Vulnerability Management: Analyse security findings, filter out false positives, and collaborate with software engineers to remediate potential vulnerabilities. • Research & Documentation: Stay up to date on the latest AI-driven attack vectors (e.g., prompt injection, model poisoning) and document internal security guidelines for safe AI adoption.