Security Operations Intern at verygoodsecurity

VGS is the world's leader in payment tokenization. Large banks, aspiring fintechs, and growing merchants embed our universal token vault into their technology stack to manage the complexities of payment data tokenization across processors and networks, open banking, card issuance, omnichannel loyalty, PCI compliance, payment orchestration, and more. We empower our clients and partners by tokenizing sensitive payment data, limiting compliance scope, and consolidating payments to unlock revenue and business opportunities.  VGS provides processor-agnostic tokenization solutions via secure universal token vaults, iframes, mobile SDKs, tokenization proxies, APIs, and data orchestration tooling to support payment acceptance, card issuance, PII and bank account tokenization, and other payments value-added services. Some of the use cases we enable include multi-processor Network Tokenization, Account Updater, payment orchestration, secure settlement file processing, 3DS, and Risk provider connectivity. We are looking for a curious, detail-oriented Security Operations Intern to join VGS. In this role, you will help the Security team protect the systems, identities, endpoints, and workflows that support our business and customers. You will work alongside security, infrastructure, and engineering partners to monitor security signals, investigate issues, improve operational processes, and strengthen our overall security posture. You will likely be successful in this role if you identify with the following traits: attention to detail, problem solver, customer-oriented, versatile, resilient, and eager to learn. If all of this sounds interesting to you, we’d love to hear from you. What you will be doing at VGS… • Assist with monitoring and triaging security alerts across endpoint, identity, cloud, enterprise, and internal systems. • Support incident response efforts by collecting logs and evidence, documenting timelines, and helping track follow-up actions. • Help improve vulnerability management processes by validating findings, tracking remediation, and partnering with system owners on fixes. • Contribute to the creation and maintenance of security playbooks, runbooks, and operational documentation. • Assist with phishing investigations, access reviews, asset inventory hygiene, and other day-to-day security operations activities. • Support enterprise security initiatives across SaaS, device, identity, and corporate infrastructure environments. • Help evaluate and strengthen the security of internal AI systems and AI-enabled workflows, including how they are deployed, accessed, monitored, and protected across the enterprise. • Help automate repetitive operational tasks using scripts, workflows, or low-code tooling where appropriate. • Participate in security control validation and operational readiness checks for internal tools and infrastructure changes. • Be proactive and innovative; we rely on your feedback to help build a secure, resilient company. • Be a part of a team that believes in transparency, collaboration, grit, and humility, and in doing the right thing for our customers and the company. What we are looking for from you (Requirements)… • Currently pursuing a degree in Cybersecurity, Computer Science, Information Systems, or a related field, or have equivalent hands-on experience. • Foundational understanding of security operations concepts such as incident response, alert triage, vulnerability management, identity and access management, and endpoint security. • Familiarity with basic networking, operating systems, and cloud concepts. • Comfort working in terminal and web-based tools, and interest in learning how modern security teams operate. • Exposure to scripting or automation with Python, Bash, or similar languages is a plus. • Strong written and verbal communication skills, with the ability to document work clearly and collaborate across teams. • Organized, dependable, and excited to learn in a fast-moving environment. • Bonus points if you have experience with log analysis, SIEM tools, EDR tools, ticketing systems, or SaaS administration. At VGS, we have a remote-first philosophy because we believe flexibility leads to great work and a healthy work-life balance. That said, if you live within 30 miles of one of our office locations, you’ll be on a hybrid schedule with some in-person time, because we know there’s real value in coming together.   We’re not about being in the office every day, but we are about connection, collaboration, and the energy that comes from a great brainstorm, a team lunch, or celebrating a big win in person.   We consider applicants without regard to race, color, national origin, sex, age, religion, sexual orientation, gender identity, veteran status, marital status, physical or mental disability, or other protected classes under all local, state, and federal laws and ordinances (AA/EOE/W/M/Vet/Disabled).   Qualified applicants with arrest and conviction records will be considered for the position in accordance with the San Francisco Fair Chance Ordinance.   Visa Sponsorship. The Company does not provide visa sponsorship for this role. Candidates must be legally authorized to work in the United States at the time of hire and throughout their employment. Individuals with temporary visas such as E, F-1 (including those with OPT or CPT), H-1, H-2, L-1, B, J, or TN, or who need sponsorship for work authorization now or in the future, are not eligible.   Please note we are currently only hiring in the following states...   California, Colorado, Connecticut, Florida, Illinois, New York, North Carolina, Oregon, Texas, Virginia, and Washington