# Application Security Intern

**Company:** [VGS](https://hotfix.jobs/companies/vgs)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $42k – $42k/yr
**Experience:** 0+ years
**Skills:** Owasp Top 10, Api Security, Java, Python, JavaScript, Go, Git, Burp Suite, SAST, DAST, CI/CD, Docker, Kubernetes, Threat Modeling, LLMs
**Posted:** 2026-04-16

> Application Security Intern supports security reviews, threat modeling, and testing for services and APIs handling sensitive payment data. Partners with engineering to improve secure SDLC practices and tooling; requires foundational app sec knowledge and coding ability in languages like Java, Python, or Go.

## Job Description

## Responsibilities

- Support application security reviews for services, APIs, and new product features across the VGS platform.
- Help identify, validate, and track security findings from static analysis, dependency scanning, container scanning, and other security testing tools.
- Participate in threat modeling and secure design discussions with engineering teams during feature development.
- Help evaluate the security of AI-enabled development workflows, including internal AI systems integrated into the SDLC.
- Assist with manual testing and validation of web application and API security issues, including access control, authentication, input validation, and secrets handling.
- Help improve secure SDLC processes by contributing to developer guidance, secure coding resources, and repeatable review checklists.
- Work with engineers to understand remediation options and clearly document security risks and recommendations.
- Contribute to improving security tooling and guardrails in CI/CD and development workflows.

## Requirements

- Currently pursuing a degree in Computer Science, Cybersecurity, Software Engineering, or a related field, or equivalent practical experience.
- Foundational understanding of application security concepts such as the OWASP Top 10, API security, authentication and authorization, secure coding, and common software vulnerabilities.
- Ability to read and reason about code in one or more programming languages such as Java, Python, JavaScript, or Go.
- Familiarity with Git, the software development lifecycle, and basic testing or debugging workflows.
- Strong interest in secure software design, cloud-native architectures, and automation.
- Strong written and verbal communication skills.

## Nice-to-Haves

- Exposure to LLMs, threat modeling, Burp Suite, SAST/DAST tools, CI/CD pipelines, Docker/Kubernetes, or cloud environments.

## Similar roles

- [Junior Cybersecurity Analyst - Richmond](https://hotfix.jobs/jobs/69dc8aa4-fbe2-48dd-bb41-73bb83fe60a0) - Agency - Richmond, VA - From $42k/yr
- [Junior Cybersecurity Analyst - Boston](https://hotfix.jobs/jobs/931da34e-3660-4ed1-92ca-7bcde3480af2) - Agency - Boston, MA - From $47k/yr
- [Junior Cybersecurity Analyst - NYC](https://hotfix.jobs/jobs/eabfae93-1a20-4ec9-b205-80d76d7a8824) - Agency - New York, NY - $47k – $52k/yr
- [Fraud and Risk Specialist](https://hotfix.jobs/jobs/861014c4-c8d0-4084-9bf5-05b0a96667c2) - Novig - Remote - $65k – $75k/yr
- [Information Security Analyst](https://hotfix.jobs/jobs/e60dda15-42a7-4579-9d34-c85c963afcc3) - Machinify - Remote - $70k – $95k/yr

**Apply:** https://hotfix.jobs/jobs/3e604dba-3cd9-481f-a684-a705583313ee
**Canonical:** https://hotfix.jobs/jobs/3e604dba-3cd9-481f-a684-a705583313ee