Internship summary

NVISO is a pure-play cyber security consulting firm: our team is composed of security professionals who each have their specific field of expertise, ranging from Information Security Governance, Risk & Compliance to Incident Response, Penetration Testing, CSIRT/SOC, Software Security, and Training & Awareness. This fantastic blend of skills enables us to help organizations prevent, detect, and respond to complex security challenges.

As a Red Team Automation intern, you will work closely with NVISO’s offensive security consultants to design and implement internal tooling aimed at automating common data collection and assessment tasks during Active Directory and Entra ID–focused security engagements. The internship focuses on improving operational efficiency, consistency, and data quality during red team and adversary simulation projects by building robust, cross-platform command-line tooling and accompanying documentation.

The tooling developed during this internship will support consultants in collecting technical evidence, running common assessment utilities, and preparing structured outputs that can be reused across engagements.

• Design and develop cross-platform command-line tooling (Windows and Linux at minimum), primarily using Go, to automate common red team and Active Directory assessment tasks.


• Automate execution and orchestration of existing tools and checks, such as:


• Active Directory data collection


• Entra ID data collection execution


• Detection and evidence gathering for various common misconfigurations


• Implement a modular data collection architecture that allows:


• Local storage of collected data in a structured directory format, and/or


• Optional transmission of collected data to a backend component for centralized storage and processing


• Design and implement a lightweight backend component (optional) to receive, store, and organize collected assessment data.


• Ensure the tooling is reliable, operator-friendly, and suitable for use in real-world offensive security engagements.


• Create extensive in-line help and usage documentation within the CLI tooling, including clear explanations of commands, flags, and expected outputs.


• Develop comprehensive static website documentation for the tooling, preferably generated automatically from the source code or configuration to ensure it remains up-to-date.


• Collaborate with red team consultants to gather feedback, refine requirements, and iterate on functionality.


• Review and improve the tooling with a focus on usability, maintainability, and operational security.

• Currently pursuing a degree in Computer Science, Cyber Security, Software Engineering, or a related technical field.


• Strong programming skills, preferably with experience in Go or transferable to Go; experience with other systems languages is a plus.


• Familiarity with Windows and Linux operating systems and their internals.


• Basic understanding of Active Directory, authentication mechanisms, and common enterprise security controls.


• Interest in offensive security, red teaming, or penetration testing.


• Experience with or interest in building CLI tools and automation frameworks.


• Understanding of software engineering best practices, including version control and documentation.


• Ability to work independently, manage tasks effectively, and communicate clearly with technical stakeholders.


• Strong attention to detail and a quality-driven mindset.


• Being able to use AI without losing quality & stability.

By the end of the internship, the intern will have:

• Designed and implemented a functional cross-platform CLI tool used internally by NVISO’s red team.


• Gained hands-on experience in offensive security automation and Active Directory–focused assessments.


• Developed practical expertise in Go, CLI design, and cross-platform tooling.


• Built structured documentation pipelines, including in-line help and static documentation websites.


• Collaborated with experienced offensive security consultants and gained insight into real-world red team operations.


• Delivered tooling that improves efficiency, repeatability, and data quality during security assessments.

Interested?

Send us your application!