Your responsibilities will include:

• Supporting application security reviews for services, APIs, and new product features across the VGS platform.
• Helping identify, validate, and track security findings from static analysis, dependency scanning, container scanning, and other security testing tools.
• Participating in threat modeling and secure design discussions with engineering teams during feature development.
• Evaluating the security of AI-enabled development workflows, including internal AI systems integrated into the SDLC.
• Assisting with manual testing and validation of web application and API security issues.
• Helping improve secure SDLC processes by contributing to developer guidance, secure coding resources, and repeatable review checklists.
• Working with engineers to understand remediation options and clearly document security risks and recommendations.
• Contributing to improving security tooling and guardrails in CI/CD and development workflows.

We're looking for someone with a strong interest in secure software design, cloud-native architectures, and automation. You should have a foundational understanding of application security concepts, such as the OWASP Top 10, API security, authentication and authorization, secure coding, and common software vulnerabilities.

At VGS, we have a remote-first philosophy, and we're looking for someone who is comfortable working independently and collaboratively as part of a team.

XML job scraping automation by YubHub