Skip to content
VGSVGSUnited States

Application Security Intern

Application Security Intern supports security reviews, threat modeling, and testing for services and APIs handling sensitive payment data. Partners with engineering to improve secure SDLC practices and tooling; requires foundational app sec knowledge and coding ability in languages like Java, Python, or Go.

42k – 42k/yr
RemoteEntry levelSecurity Engineering

About the role

Responsibilities

  • Support application security reviews for services, APIs, and new product features across the VGS platform.
  • Help identify, validate, and track security findings from static analysis, dependency scanning, container scanning, and other security testing tools.
  • Participate in threat modeling and secure design discussions with engineering teams during feature development.
  • Help evaluate the security of AI-enabled development workflows, including internal AI systems integrated into the SDLC.
  • Assist with manual testing and validation of web application and API security issues, including access control, authentication, input validation, and secrets handling.
  • Help improve secure SDLC processes by contributing to developer guidance, secure coding resources, and repeatable review checklists.
  • Work with engineers to understand remediation options and clearly document security risks and recommendations.
  • Contribute to improving security tooling and guardrails in CI/CD and development workflows.

Requirements

  • Currently pursuing a degree in Computer Science, Cybersecurity, Software Engineering, or a related field, or equivalent practical experience.
  • Foundational understanding of application security concepts such as the OWASP Top 10, API security, authentication and authorization, secure coding, and common software vulnerabilities.
  • Ability to read and reason about code in one or more programming languages such as Java, Python, JavaScript, or Go.
  • Familiarity with Git, the software development lifecycle, and basic testing or debugging workflows.
  • Strong interest in secure software design, cloud-native architectures, and automation.
  • Strong written and verbal communication skills.

Nice-to-Haves

  • Exposure to LLMs, threat modeling, Burp Suite, SAST/DAST tools, CI/CD pipelines, Docker/Kubernetes, or cloud environments.

Skills

Owasp Top 10Api SecurityJavaPythonJavaScriptGoGitBurp SuiteSASTDASTCI/CDDockerKubernetesThreat ModelingLLMs
Agency

Junior Cybersecurity Analyst - Richmond

AgencyRichmond, VA

Entry-level on-site cybersecurity role in Richmond providing hands-on training in compliance frameworks and operations for a YC-backed startup. Candidates must demonstrate strong work ethic, communication, and resilience.

42k+/yr
On-siteEntry levelSecurity Engineering
Agency

Junior Cybersecurity Analyst - Boston

AgencyBoston, MA

Entry-level on-site role supporting cybersecurity and compliance projects for clients. Involves account management, internal coordination, and learning frameworks like SOC 2, ISO 27001, and HIPAA while earning certifications.

47k+/yr
On-siteEntry levelSecurity Engineering
Agency

Junior Cybersecurity Analyst - NYC

AgencyNew York, NY

Entry-level on-site Junior Cybersecurity Analyst role providing client support and compliance project assistance while learning frameworks like SOC 2, ISO 27001, and HIPAA. No prior experience required; rigorous training and certification path provided.

47k – 52k/yr
On-siteEntry levelSecurity Engineering
Novig

Fraud and Risk Specialist

NovigNew York, NY

Investigates fraud like multi-accounting, bonus abuse, and suspicious betting patterns in a sports prediction market. Analyzes data with SQL/tools, makes decisive calls to protect users; requires 1-3 years fraud/risk experience, preferably in fintech/gaming.

65k – 75k/yr
Remote1+ YOESecurity Engineering
Machinify

Information Security Analyst

MachinifyUnited States

Entry-level Information Security Analyst supporting security assurance operations, customer questionnaires, and compliance activities for a healthcare intelligence company. Bachelor's degree or equivalent required; cybersecurity background helpful but not mandatory.

70k – 95k/yr
RemoteEntry levelSecurity Engineering