Research Intern

Who We Are

Socket helps devs and security teams ship faster by cutting out security busywork. Thousands of orgs use Socket to safely find, audit, and manage open source code. Our customers — from Anthropic to xAI, and Figma to Vercel — love Socket (just check out their tweets to see for yourself!)

Founded by Feross Aboukhadijeh, a long-time open source maintainer with software downloaded over a billion times a month, Socket has raised $65M in funding from top angels, operators, and security leaders.

About the Role

You will collaborate with world-class software engineers to build the next generation of defenses against software supply chain attacks. This internship offers a unique opportunity to translate cutting-edge research ideas into real-world systems that safeguard millions of developers worldwide. You will contribute to the design and implementation of large-scale data collection and analysis pipelines, conduct in-depth investigations of malicious activity in open source ecosystems, and prototype novel techniques for detecting fraud and abuse on platforms such as GitHub.

As one of our research interns, you will not only push the boundaries of software supply chain security but also help shape the culture and direction of a fast-growing security company. This role is ideal for PhD students eager to bridge academia and industry and bring innovative research into production environments while gaining hands-on development experience in a high-impact, mission-driven setting.

What You'll Do

• Conduct applied research on emerging threats in the software supply chain (e.g., typosquatting, dependency confusion, malicious maintainers) and translate findings into detection prototypes.
• Design and evaluate novel algorithms for identifying malicious or inauthentic activity across ecosystems such as npm, PyPI, and GitHub.
• Leverage data science and machine learning techniques to model suspicious publishing behaviors, coordinated activity, and fraud campaigns.
• Develop automated research tools to collect, transform, and analyze large-scale datasets from third-party APIs (e.g., npm, GitHub, PyPI).
• Prototype and validate detection systems that can be integrated into Socket’s threat intelligence platform, bridging research insights with production impact.
• Collaborate with engineers and designers to experiment with new ways of surfacing research findings in user-facing interfaces and developer workflows.
• Publish research outputs internally (dashboards, reports, proofs-of-concept) to influence product strategy and share with the broader community when appropriate.
• Contribute to the early team culture, bringing a research-driven perspective to technical discussions, prioritization, and the company’s long-term vision.

What You'Ll Bring

• You are enrolled in a postgraduate or PhD program in computer science (or related field) and eager to apply your research expertise to real-world problems in software supply chain security.
• Strong background in one or more of the following: program analysis, data mining, applied machine learning, large-scale systems, or security research.
• Proficiency with languages commonly used for prototyping and research (e.g., JavaScript/TypeScript, Python, or similar).
• Familiarity with software and systems security concepts, such as threat modeling, malware analysis, or adversarial behavior in open ecosystems.
• Experience conducting research involving data analysis, statistical methods, or experimental evaluation.
• Strong analytical and creative problem-solving skills; able to explore novel approaches and rigorously evaluate their effectiveness.
• Self-motivated and comfortable driving independent research while collaborating with an interdisciplinary team.
• Strong written and verbal communication skills for presenting research findings and collaborating across engineering and design.
• Bonus points for prior work in one or more of the following:
• Static/dynamic analysis of software or binaries
• Open source security research or published academic work
• Experience with Socket-supported ecosystems
• Building scalable data pipelines or visualization dashboards
• Static/dynamic analysis of software or binaries
• Open source security research or published academic work
• Experience with Socket-supported ecosystems
• Building scalable data pipelines or visualization dashboards

As we know how important clarity is when looking for a new role, we've put together a read-me about the Interview Process at Socket, should you be invited for an interview.

At Socket, We

1. Pursue Excellence: We set ourselves apart by consistently delivering work of exceptional quality and distinction.
2. Move with urgency and focus: We prioritize swift, decisive action.
3. Think rigorously: We care about being right and it often takes reasoning from first principles to get there. We value alternative perspectives and have constructive discussions.
4. Trust and amplify: We overtrust, always assume good intent, and give specific feedback to help each other improve.
5. Feel a strong sense of ownership: We wear many hats and feel a strong sense of overall ownership of the company and we're non-territorial regarding our nominal domains.
6. Are customer obsessed: We relentlessly prioritize the needs of our customers, striving to exceed their expectations and delight them at every interaction.