Intern DevSecOps

Cybersecurity Team – created as part of the EY Cybersecurity practice in Poland, provides services in the field of designing and implementing advanced IT security mechanisms, with particular focus on public and private cloud platform environments and their secure and reliable integration within hybrid environments. The team is also responsible for the ongoing operation and optimization of security processes for clients across various industries.

The team works on complex, international projects, helping organizations securely scale their development and operations by integrating security controls directly into CI/CD pipelines, cloud platforms, and engineering workflows. Due to the dynamic growth of these services, we are looking for ambitious individuals to join the team as a DevSecOps Intern.

Opportunities that await you:

As a DevSecOps Intern, you will actively support internal engineering initiatives and client projects focused on building, securing, and automating modern IT platforms. You will gain hands-on experience with security tooling and learn how security is embedded into software development, cloud operations, and continuous delivery pipelines.

You will work closely with cybersecurity engineers, cloud engineers, and DevOps teams, learning how to translate security requirements into practical, automated, and scalable solutions.

Your main tasks:

As a member of the Cybersecurity / DevSecOps team, you will take part in many different, interesting projects, mainly related to the design/implementation/maintenance of cybersecurity tools and security controls across the SDLC, including:

• Supporting the implementation of security controls in CI/CD pipelines (e.g. SAST, SCA, DAST, container security)
• Assisting in the development and maintenance of Infrastructure as Code (IaC) with built-in security best practices
• Contributing to secure SDLC and DevSecOps transformation initiatives
• Working on end-to-end application development with field experts
• Helping integrate security tools via APIs and automation scripts (e.g. using Python, PowerShell, REST APIs)
  
  

Moreover, you will take part in projects focused on the operationalization of CyberSecurity tools such as SIEM / SOAR / EDR and transformation initiatives, which will include tasks such as:

• SOC - daily monitoring, incident detection and response, reporting, and participation in continuous improvement of monitoring capabilities
• Engineering - performing regular updates, maintaining automation scripts, system health checks, supporting platform transformations, and maintaining documentation of security systems
• SOAR - developing and supporting automation workflows, optimizing routine processes, and contributing to incident response efficiency
• Vulnerability Management - conducting continuous scanning, tracking remediation progress, coordinating with system owners, and improving vulnerability management processes
• Cloud Security - performing compliance checks, monitoring security issues, implementing best practices, and cooperating closely with the cloud operations team
  
  

Skills you will use:

• Basic understanding of cybersecurity and secure software development concepts
• Knowledge of Linux (e.g. RedHat) and Windows
• Experience or interest in Python, PowerShell, Bash and REST APIs
• Familiarity with DevOps / CI-CD concepts (pipelines, version control, automation)
• General knowledge of SIEM / SOAR / EDR / Vulnerability Management tools
• Familiarity with cloud platforms (Azure, AWS, GCP)
• Understanding of networking fundamentals
• Analytical thinking and problem-solving mindset
• Very good knowledge of English and Polish
  
  

Your previous experience:

Student/Graduate of Cybersecurity or related fields (IT profile)

We will also appreciate:

Interest in DevSecOps, Cloud Security, or Security Engineering

Basic experience with:

• Git / version control
• CI/CD tools (e.g. Azure DevOps, GitHub Actions, GitLab CI)
• Containers and container security (Docker, Kubernetes – basic level)
• Possession of industry certificates in the field of IT security, e.g. CompTIA Security+, certification of leading IT/Security solution providers (also in the areas of security of cloud platforms, e.g. Microsoft AZ-900)
• Willingness to develop in the area of IT security
  
  

You are a good fit for us if:

You are a proactive, well-organized person who wants to develop towards DevSecOps, cloud security, and cybersecurity engineering, enjoys automation and technology, and is ready to take on challenges in international, engineering-driven projects.

We offer:

Interesting work in an international consulting company,

• Locations: Łódź, Warsaw, Wrocław and Gdańsk
• Flexible working hours to fit your university schedule
• Hybrid or remote work options, depending on project requirements
• Exposure to a wide range of technologies and projects, allowing you to explore different areas of cybersecurity and find your own career path
• Participation in complex, international projects in the field of implementation of cybersecurity solutions and thus enabling the acquisition of various experiences,
• Opportunity to gain hands-on experience with enterprise-level cybersecurity tools and technologies
• Personalized programs of courses and trainings,
• Participation in a professional development program
  
  

About EY Poland

We are a global consulting company – we help entrepreneurs, organizations and communities get the most out of their potential. We carry out projects in the field of: Audit, Tax, Transaction and Business Consulting (including IT).

We employ more than 240,000 exceptional people in more than 150 countries around the world. There are over 2800 of us in Poland, and we work in: Warsaw, Gdańsk, Katowice, Kraków, Łódź, Poznań and Wrocław.

We create amazing things together every day. We have people, a development path and training, thanks to which you can also handle the most prestigious projects.

EY is an equal opportunity employer, we appreciate the diversity of knowledge and experience of our employees.

EY provides all candidates with equal opportunities in the recruitment process, regardless of gender, age, race, religion, sexual orientation, national origin, disability or any other legally protected data, in accordance with applicable law.