Voltus is a remote energy startup focused on providing intelligent solutions for the grid. We are committed to maintaining a secure, reliable, and compliant platform for our customers and partners. Our security team is pivotal in ensuring the integrity of our systems and data.
The Opportunity
We are seeking a highly motivated and detail-oriented Security Intern to join our team. This role is an excellent opportunity to gain hands-on experience in a fast-paced environment, contributing to real-world security challenges in a cutting-edge industry. You will work closely with the security, engineering, and IT teams to support and improve our security posture.
This is a full-time, 40 hour/week internship with a potential start date of March 15th.
Responsibilities and Duties
The Security Intern will be responsible for supporting various security functions, with a focus on process improvement and automation.
- Assist in the triage, prioritization, and tracking of vulnerabilities identified in our systems and applications.
- Contribute to the security risk assessment process by documenting potential threats and associated controls.
- Contribute to the creation and maintenance of security documentation, including standard operating procedures (SOPs) and incident response playbooks.
- Assist in the real-time monitoring of security alerts and logs generated by various security tools (SIEM, endpoint detection, firewalls, etc.).
Software Supply Chain and Application Security
- Contribute to efforts related to understanding software dependencies and the security of the software supply chain.
- Assist in reviewing and providing feedback on engineering design documents from a security perspective.
Security Operations and Compliance Support
- Support compliance efforts, including data gathering and documentation for audits such as SOC 2.
- Help maintain and improve security policies and procedures, focusing on making them clear and actionable.
- Assist in defining and implementing a clear division of security and IT responsibilities (e.g., RACI matrix).
Tooling, Automation, and Process Improvement
- Identify opportunities to automate manual security tasks, such as access reviews and compliance evidence collection, to enhance efficiency.
- Support the integration of security workflows with internal tooling and systems.
Performance and Expectations
- Growth and Learning: Demonstrate a strong willingness to learn about security best practices, cloud security (e.g., AWS services), and vulnerability management.
- Proactivity and Automation: Seek out opportunities to automate repetitive tasks and improve operational processes.
- Documentation and Communication: Maintain clear and concise documentation of work, including process write-ups and risk summaries.
- Tool Familiarity: Develop an awareness of security tools used for:
- ○ Vulnerability detection and scanning.
- ○ Logging, monitoring, and alerting in a cloud environment.
- ○ Managing application dependencies and software artifacts (SBOM).
Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related technical field OR currently pursuing Master's degree with relevant technical background.
- Working knowledge of Linux/Unix systems and command-line tools
- Proficiency in scripting/programming (Python, Bash, Go, or similar)
- Understanding of core security concepts: authentication/authorization (OAuth, RBAC), network security, encryption, vulnerability management
- Familiarity with compliance frameworks (SOC 2, ISO 27001, NIST CSF, or similar)
- Strong written and verbal communication skill - you'll be writing technical documentation, policies, and status reports
- Proficiency with common office applications and collaborative tools (e.g., Google Workspace).
Preferred
- At least one prior security, DevOps, or infrastructure internship OR 1+ years relevant work experience
- Experience with infrastructure-as-code (Terraform, CloudFormation) or CI/CD pipelines
- Previous involvement in audit or compliance processes
- Hands-on experience with at least one major cloud platform (AWS strongly preferred, GCP or Azure)
- Prior work with vulnerability scanning tools (Nessus, Qualys, AWS Inspector, Snyk, etc.)
- Understanding of containerization and orchestration (Docker, Nomad, Kubernetes)
- Familiarity with API security and authentication patterns
Benefits
- Remote Environment
- Hands-on experience with enterprise-level security practices and compliance standards.
- Opportunity to work remotely with a dynamic, dedicated team.
- Direct exposure to high-impact projects, including application security, infrastructure security, and compliance.
- Mentorship from experienced security professionals.
