Application Security Intern (US) - Summer 2025
Charlottesville, VA; Columbus, OH; Durham, NC
Internship Entry-level / Junior USD 62K - 66K
WillowTree
WillowTree orchestrates winning customer experiences. From AI consulting to engineering, design to digital marketing, our elite global teams accelerate ideas to outcomes.Who We Are
WillowTree, a TELUS Digital Company, is an award-winning digital product agency working to solve digital challenges for some of the world’s leading brands. We do this by launching new digital products, delivering personalized marketing, and harnessing the power of data and AI to transform their business. Some of our clients include HBO, National Geographic, Anheuser-Busch, and PepsiCo. Want to learn more about our work? Check out some of our outcomes and case studies!
And guess what? In January 2023, WillowTree was acquired by TELUS Digital. Now, we have an unparalleled ability to deliver seamless, trusted, digitally-enabled experiences across any channel a customer might choose - be it mobile apps, websites, voice skills, chatbots, email, and more!
The Opportunity
We believe the best ideas come from shared creativity. In this role, you’ll have plenty of opportunities to work directly with our Security team and other project teams to ensure that WillowTree is building software with security best practices in mind. Our summer internship program gives current students the chance to make an impact by contributing ideas and adding a fresh perspective to real client projects. And just to make sure you’re advancing in your craft, you’ll have plenty of opportunities to spend time with team members in your discipline to discuss the latest trends in tech or gain insight on a new skill.
We understand our responsibility to create a diverse, equitable, and inclusive place within the tech industry, while pushing to make our industry more representative. Because of this responsibility, we need candidates who value diversity and inclusion through their work, team collaboration, or involvement in student organizations.
*This is a hybrid position. This role is open in three locations: Charlottesville, VA, Columbus, OH, and Durham, NC.
Your Impact
- You'll receive guidance from seasoned professionals in the security field, fostering both personal and professional growth.
- You'll engage in real-world projects, analyzing software designs and implementations for security vulnerabilities.
- You'll not only create tools but also have the opportunity to contribute ideas for innovative security solutions that enhance project outcomes.
- You'll learn to apply security principles throughout all phases of the software development lifecycle (SDLC), ensuring a comprehensive understanding of secure development practices.
- You’ll develop and implement automation scripts to streamline security testing processes. This includes creating scripts for vulnerability scanning, automated code analysis, and integration into the CI/CD pipeline.
- You’ll utilize data visualization tools to create dashboards that represent security metrics and trends. This will help communicate findings to project teams and stakeholders effectively, enabling better decision-making regarding security posture.
- You’ll collaborate with development teams during code reviews to identify security vulnerabilities. Use pair programming techniques with co-pilots to provide real-time feedback on secure coding practices and ensure adherence to security standards.
- You’ll maintain clear and concise documentation of automated processes, security findings, and recommendations for improvement. Ensure that all documentation is accessible for future reference and compliance purposes.
- You’ll stay updated on the latest tools, technologies, and best practices in application security.
- You’ll enhance your skills in automation, scripting, and secure coding.
Your Background
- You plan to graduate in Fall/Winter 2025 or later
- Internship experience as a software security engineer and/or tester or relevant coursework
- Experience scripting with Python/Powershell
- Knowledge of techniques, standards, and state-of-the art capabilities for authentication, authorization, applied cryptography, security vulnerabilities, and remediation
- Have experience with mobile or web development (Swift, Java, Kotlin, TypeScript, Javascript, etc.)
- Proficient with web related technologies (Web applications, Web Services and Service Oriented Architectures), and of network/web related protocols
- Deep interest and curiosity in all aspects of security research and development
- Desire to work with project teams and build consensus for security best practices
- Applicants must be authorized to work permanently for any employer in the U.S. We are unable to sponsor employment visas at this time.
P.S. Even if you don’t have expertise in all of the qualifications listed, we value new perspectives and encourage you to apply. We’re committed to building a diverse company that reflects the diversity of our users. If you feel confident about a good amount of the bullet points above, we’ll ramp you up on the rest.
Why WillowTree?
We offer a place to be yourself.
Our differences, both visible and invisible, benefit our teams, our communities, and the products we craft. That’s why WillowTree strives to build a team with diverse backgrounds, skills, and perspectives. You’ll work hard here; however, we’ll balance that with a culture that supports your growth and cares about your well-being. We’re committed to creating an environment of inclusion — a place where every Tree can thrive.
Our summer internship program is an opportunity for you to work on real client projects and make a real impact on our organization all while receiving one-on-one mentoring from our full-time team members. Not only that, but you’ll have snacks galore, and plenty of chances to socialize with your fellow interns — including fun outings during work hours. We’ll have you with us full-time (think 40 hours a week for 11 weeks), and yes, it is definitely paid. Not a bad gig, right?
WillowTree celebrates our differences and provides equal employment opportunities to all team members and applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Diverse teams build better products. We acknowledge that the tech industry especially lacks opportunity for those who are of non-traditional backgrounds and in underrepresented groups. In order to create the best products for everyone, we know that it's important for our team to reflect the diversity of our users, and we are committed to being the change we want to see.
Hourly Rate (USD)$31—$33 USDTags: Application security Automation CI/CD Code analysis Compliance Cryptography Java JavaScript Kotlin PowerShell Python Scripting SDLC TypeScript Vulnerabilities
Perks/benefits: Career development Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.