LitmusLayer← All roles

Work with us / Cyber Security

Industrial Placement in Cyber Security

Harden a platform that legal and compliance teams have to trust.

Duration

6 months

Location

Remote

You earn

Certificate

Team

Security

About the role

LitmusLayer is a risk and legal product, so security is not a bolt-on. It is the product. Every tenant must see only their own data, every audit record must be tamper-evident, and no automated action may ship without a human in the loop.

As a security placement student you will work alongside the backend team to threat-model new features, review changes for common vulnerability classes, and help verify that access controls actually hold. You will produce clear, actionable findings rather than noisy scanner dumps.

What you'll work with

OWASPPostgres RLSSupabase AuthTypeScriptThreat modelling

What you'll do

  • Threat-model new features and document trust boundaries and abuse cases.
  • Review pull requests for injection, access-control, and data-exposure issues.
  • Test multi-tenant isolation and confirm one organisation can never read another’s data.
  • Audit dependency and configuration risks, and propose concrete fixes.
  • Help maintain secure defaults across secrets handling, auth checks, and input sanitisation.

What we're looking for

Preferred background: Computer Science, Cyber Security, or a related technical degree preferred.

  • Currently studying Computer Science, Cyber Security, or a related technical degree.
  • Solid grasp of web security fundamentals such as the OWASP Top 10.
  • Able to read application code in TypeScript or JavaScript and reason about data flow.
  • Understanding of authentication, authorisation, and least privilege.
  • Clear written communication. A finding is only useful if it can be acted on.

Nice to have

Genuinely optional. Do not let a gap here stop you applying.

  • Exposure to SQL, Postgres, and row-level security concepts.
  • Any hands-on CTF, bug-bounty, or lab experience.
  • Familiarity with SAST, DAST, or dependency scanning tools.

What you'll take away

  • How security is designed into a compliance-grade product from the schema up.
  • Practical multi-tenant isolation testing against real access-control policies.
  • How to write findings that engineers can actually fix.

Apply for this placement

Fill in the form and attach your résumé as a PDF. It goes straight to our team, and we read every application.

Résumé (PDF) *

Your details go straight to our team by email. We don't store them anywhere else.

Other open roles

Backend Engineering

Build the APIs and data pipelines behind an AI compliance platform.

Data Structures & Algorithms

Make claim matching, scoring, and deduplication fast and correct.

Core Systems Engineering

The demanding low-level track. Reliability, background jobs, and performance.

Management & Operations

Help run the programmes, research, and operations behind the product.

© 2026 LitmusLayer

CareersGuidePrivacyTerms