Job Specifications
Sigma unlocks the value of data by delivering cloud-scale analytics and business intelligence with the simplicity of a spreadsheet, complete with pivot tables and dashboards. We empower business professionals and data teams to quickly explore, analyze, visualize, and collaborate, leveraging all of their data across the organization.
Our Internship Program At Sigma
Sigma’s early career program is the launchpad for the next generation of engineers and innovators. As an Intern at Sigma, you’ll work on various Cyber Security domains and learn efficient Security engineering for large scalable systems/environments. Our interns connect directly with our Engineering teams, IT and customer facing teams across the organization everyday. We’re looking for students who bring curiosity, a spirit for collaboration, and a desire for securing the world. Sigma is shaping the future of business insights and data visualization.
Internship Program Qualifications
Current student:
You must be currently enrolled in a university graduate degree program in the U.S with a graduation date of December 2026 or later
Able to intern from June 2026 through early September 2026 (12 weeks)
Authorization:
You must be legally authorized to work in the US during the Summer 2026 program
Visa sponsorship is not available for our internship positions
Location:
Located within the San Francisco Bay Area or willing to relocate during the internship. Relocation assistance will be provided for students who will need to relocate for the summer.
Able to work 40 hours per week (full-time) in a hybrid work model with a minimum of 4 days in office for in person collaboration with our team
About The Role
As a Security Engineering Graduate Intern, you will join a team dedicated to protecting our cloud and enterprise environments. We are looking for a current graduate student to join our security engineering team for a 12-week internship. This is a hands-on technical role where you’ll work alongside experienced engineers to defend our infrastructure across SaaS, cloud, endpoints, and identity platforms. You will bridge the gap between theoretical security and production-level defense, focusing on Detection Engineering, Incident Response, and Cloud Security Operations. This role is designed for students who are passionate about understanding attacker behavior and building the systems that stop them.
During Your Internship Your Responsibilities Will Include
Detection & Response: Triage and investigate security alerts from a diverse stack including SIEM, EDR, WAF, and DLP platforms. You’ll help refine these systems by tuning "detections-as-code" to reduce noise and improve signal quality.
Threat Hunting: Conduct hypothesis-driven hunts across telemetry data (cloud, identity, and network) to uncover emerging threats that may have bypassed automated defenses.
Detection Engineering: Research attacker TTPs and use the MITRE ATT&CK framework to develop and deploy new detection logic.
Cloud & SaaS Security: Analyze cloud configurations and IAM policies to identify misconfigurations, support vulnerability remediation, and validate security best practices.
Endpoint & Email Defense: Investigate suspicious macOS activity, analyze malicious emails, and support internal phishing simulation programs.
Documentation: Contribute to the team’s knowledge base by documenting processes, findings and creating playbooks that improve the broader team's response capabilities.
What We’re Looking For
Educational Background: Currently pursuing aMaster’s degree in Computer Science, Cybersecurity, or a related field, with the intent to return to school following the internship for at least one more term.
Technical Foundation: A solid understanding of networking (TCP/IP, DNS, HTTP) and at least one operating system (Linux or macOS).
Analytical Skills: The ability to parse and analyze logs from multiple sources to identify malicious patterns and security events.
Programming Proficiency: Comfort with scripting or automation using Python, SQL, or similar languages.
Preferred Experience: Hands-on exposure to SIEM, EDR, or cloud platforms (AWS, GCP, Azure), and a familiarity with the MITRE ATT&CK framework.
Mindset: A deep curiosity about how attackers operate, strong analytical thinking, and a drive to solve real-world security problems at scale.
Additional Job Details
Interns at Sigma are compensated with an hourly rate, commuter bonus, and relocation bonus (where applicable). Our hourly rate for this role is $50.00 per hour.
About Us
Sigma is the only cloud analytics and business intelligence tool empowering business teams to break free from the confines of the dashboard, explore data for themselves, and make better, faster decisions. The award-winning software was built to capitalize on the performance power of cloud data warehouses to combine data sources and analyze billions of rows of data instantly via an intuitive, spreadsheet-like interface – no coding required.
Since lau
About the Company
Sigma is not another Business Intelligence tool. Sigma is the only Cloud Analytics solution with a spreadsheet-like interface that enables anyone to explore data at cloud scale and speed. Discover what happened, why it happened, and what will happen.
Know more