Information Security Intern
IT
Posted on Jul 8, 2026
About the company
Tabby builds financial products used by millions of users across the GCC. We work on high-load, security-critical systems with strict regulatory requirements. The Information Security function protects Tabby across mobile apps, backend services, payment integrations, and cloud infrastructure.
This internship is not educational by default. It is an engineering role with real responsibility.
Context
Information Security at Tabby covers two complementary tracks:
- Vulnerability Assessment & Penetration Testing (VAPT) — application security testing, security architecture reviews, threat modelling, secure code review, vulnerability triage, and incident response.
- Governance, Risk & Compliance (GRC) — policy and control frameworks, compliance program support (PCI DSS, ISO 27001, SAMA), risk assessments, audit support, vendor security reviews, and security awareness.
The team works closely with product engineering, risk engineering, and platform / SRE.
The internship is designed for strong early-career engineers who want to grow as security practitioners. Candidates apply once — during interviews we match each candidate to the track that fits best. Interns are embedded with the security team, work on real assessments and remediation or compliance tasks under senior review, and are expected to meet engineering standards from day one.