RemoteLeaf Logo
Log in Sign up

Application Security Intern

1 month, 2 weeks ago
United States
Internship
Entry Level
Application Security Engineer
Software Development
Burp Suite CI/CD Docker Git Go Java JavaScript Kubernetes LLM Python
Apply Now
Very Good Security

Very Good Security

VGS is the global leader in payment tokenization, providing security and compliance infrastructure for banks, fintechs, and merchants to manage payment data complexities and accelerate PCI, SOC2, and more compliances.

Internet Software & Services
51-250
Founded 2015
$45M raised
View All Jobs 8

Description

  • Support application security reviews for services, APIs, and new product features across the VGS platform.
  • Identify, validate, and track findings from static analysis, dependency scanning, container scanning, and other security testing tools.
  • Participate in threat modeling and secure design discussions with engineering teams during feature development.
  • Evaluate the security of AI-enabled development workflows and internal AI systems integrated into the SDLC.
  • Manually test and validate web application and API security issues, including access control, authentication, input validation, and secrets handling.
  • Help improve secure SDLC processes by contributing to developer guidance, secure coding resources, and review checklists.
  • Work with engineers to understand remediation options and document security risks and recommendations.
  • Contribute to improving security tooling and guardrails in CI/CD and development workflows.
  • Provide proactive feedback to help build secure products and development practices.

Requirements

  • Currently pursuing a degree in Computer Science, Cybersecurity, Software Engineering, or a related field, or equivalent practical experience.
  • Foundational understanding of application security concepts such as the OWASP Top 10, API security, authentication and authorization, secure coding, and common software vulnerabilities.
  • Ability to read and reason about code in one or more programming languages such as Java, Python, JavaScript, or Go.
  • Familiarity with Git, the software development lifecycle, and basic testing or debugging workflows.
  • Strong interest in secure software design, cloud-native architectures, and automation.
  • Strong written and verbal communication skills for explaining technical issues to security and engineering stakeholders.
  • Curious, collaborative, and eager to learn how security can enable developers.
  • Exposure to LLMs, threat modeling, Burp Suite, SAST/DAST tools, CI/CD pipelines, Docker/Kubernetes, or cloud environments is a plus.
  • Must be legally authorized to work in the United States at the time of hire and throughout employment.
  • Candidates must be located in one of the following states: California, Colorado, Connecticut, Florida, Illinois, New York, North Carolina, Oregon, Texas, Virginia, or Washington.

Benefits

  • $20 per hour compensation.
  • Remote-first work environment.
  • Hybrid schedule available for candidates living within 30 miles of an office location.
  • Flexible work approach that supports work-life balance.
  • Consideration of applicants with arrest and conviction records in accordance with the San Francisco Fair Chance Ordinance.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Nebius

Application Security Engineer

Nebius 51-250 Internet Software & Services

Nebius is hiring an Application Security Engineer to help secure its AI cloud platform by identifying vulnerabilities, improving secure development practices, and supporting application security across the software lifecycle.

United Kingdom Europe Netherlands Czech Republic Germany Full-time Mid Level Application Security Engineer
$81k-$259k
Burp Suite Cybersecurity Go Java JavaScript Linux OpenID Connect Penetration Testing Python SAML
4 hours, 4 minutes ago
GuidePoint Security

Senior Application Security Engineer - Southeast region (Remote)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a senior Application Security consultant to help client organizations strengthen and operationalize their AppSec programs through a mix of advisory work, hands-on engineering, and executive-level guidance.

United States Full-time Senior Application Security Engineer
AWS Azure CI/CD DevSecOps GCP Kubernetes Secrets Management
4 hours, 34 minutes ago
Spotify

Security Engineer- Product Security

Spotify Media

Spotify is hiring a Security Engineer for Product Security to secure its platform, infrastructure, and engineering initiatives for hundreds of millions of users across London or Stockholm.

United Kingdom Sweden Full-time Mid Level Application Security Engineer
Agile C++ CI/CD Encryption Generative AI Java Python Scala TypeScript
4 hours, 49 minutes ago
MLabs

Product Security Engineer

MLabs 11-50 Internet Software & Services

MLabs is hiring a Product Security Engineer to secure an enterprise-grade open-source proof-of-stake blockchain platform as it scales across protocol upgrades, EVM-compatible services, and cross-chain infrastructure.

Singapore United Kingdom Switzerland Germany Hong Kong Full-time Senior Application Security Engineer
$75k-$85k
Blockchain CI/CD Encryption gRPC Java Rust
5 hours, 4 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers