Description
We're looking for a curious and motivated Application Security Intern to help us build secure products and development practices at VGS. As an Application Security Intern, you will partner with security and engineering teams to evaluate application risk, improve secure software development workflows, and help developers ship software safely in an environment that handles highly sensitive payment and identity data.
Your responsibilities will include:
- Supporting application security reviews for services, APIs, and new product features across the VGS platform.
- Helping identify, validate, and track security findings from static analysis, dependency scanning, container scanning, and other security testing tools.
- Participating in threat modeling and secure design discussions with engineering teams during feature development.
- Evaluating the security of AI-enabled development workflows, including internal AI systems integrated into the SDLC.
- Assisting with manual testing and validation of web application and API security issues.
- Helping improve secure SDLC processes by contributing to developer guidance, secure coding resources, and repeatable review checklists.
- Working with engineers to understand remediation options and clearly document security risks and recommendations.
- Contributing to improving security tooling and guardrails in CI/CD and development workflows.
We're looking for someone with a strong interest in secure software design, cloud-native architectures, and automation. You should have a foundational understanding of application security concepts, such as the OWASP Top 10, API security, authentication and authorization, secure coding, and common software vulnerabilities.
At VGS, we have a remote-first philosophy, and we're looking for someone who is comfortable working independently and collaboratively as part of a team.