Develop automated security testing for centralized security libraries which scale directly with developer needs and enable them to write secure code more easily.
Participate in the review and improvement of secure software development lifecycle (SDLC) processes.
Have significant ownership in and evangelize security training with development teams.
Drive initiatives which scale application security and holistically address application vulnerabilities.
Be able to review application and infrastructure code in context and defend findings.
Research and present emerging threats, vulnerabilities, and mitigation techniques.
Support and consult with product and development teams in application security, including threat modeling and AppSec reviews.
Assist teams in reproducing, triaging, and remediating application security vulnerabilities.
Assist in development of security processes and automated tooling that prevent classes of security issues.
With a focus on AWS, build the application specific security components of the next phase of ATPCOs Cloud infrastructure, shaping secure application development for years to come.
Build automation to help us discover, measure, and contextualize application security issues.
Partner with platform teams to deliver solutions that permanently solve entire categories of security risk.
Participate in varied penetration testing and vulnerability assessments of applications, operating systems and/or networks.

Requirements

Current student pursuing a degree in Computer Science, Cybersecurity, Information Technology, Software Engineering, or related field
Foundational understanding of secure coding principles and common web/app vulnerabilities (e.g., OWASP Top 10, CWE)
Familiarity with application security testing tools such as SAST (Checkmarx), DAST (e.g., Burp Suite, OWASP ZAP), or SCA (dependency scanning) is a plus
Experience with scripting/programming languages (Python, JavaScript, Bash, or similar) to automate security tasks
Basic understanding of cloud application security fundamentals
Awareness of DevSecOps practices and integrating security into CI/CD pipelines is a plus
Strong analytical and problem-solving skills with high attention to detail
Excellent written and verbal communication skills, especially in documenting and explaining vulnerabilities to developers
Ability to collaborate effectively with cross-functional teams (developers, DevOps, security engineers)

Benefits

Flexible work arrangements
Professional development

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

automated security testingsecure software development lifecycleapplication securitythreat modelingpenetration testingvulnerability assessmentsscriptingprogramming languagescloud application securityDevSecOps

Soft skills

analytical skillsproblem-solving skillsattention to detailwritten communicationverbal communicationcollaborationownershipevangelismconsultationpresentation skills