DevSecOps Intern

Every day, ePayPolicy helps over 10,000 insurance companies speed up incoming and outgoing payments. By helping them move from manual, outdated forms of payment collection to modern payment tools, we help their companies work faster and more efficiently. (Check out our almost 5-star customer reviews.)

How do we do it? With powerful payment tools that just work. Our secure, online ACH and credit card payment page is the core product for many of our companies. But we also provide an integrated suite of helpful features for insurance companies of all sizes, including point-of-sale financing, payables network tools, and check reconciliation, all within a single dashboard.

Our expert, live support team helps deliver exceptional care every day, with an industry-leading 97% customer retention rate. Our customers love us. We love them.

Founded in 2014, our growing team is based in Austin, TX, and has clients in all 50 US states. We’ve grown over 300% in the last three years - with big plans for the future.

Job Description:

The DevSecOps Intern will play a crucial role in bridging the gap between our development, operations, and security teams. Reporting directly to the Head of Information Security as part of the Security Operations Center (SOC), this position offers a unique opportunity to gain hands-on experience in automating security controls, securing cloud infrastructure, and building "security by design" into our software delivery lifecycle.

You will work to ensure that ePayPolicy’s systems remain secure without slowing down the speed of innovation, learning to implement security checks within CI/CD pipelines, and assisting in the protection of our payment platform.

In this role, you will:

• Gain familiarity with ePayPolicy’s application architecture and cloud infrastructure (Azure) to identify potential security enhancements.

• Monitor and analyze findings from automated security testing tools (SAST/DAST/SCA) within our CI/CD pipelines to identify valid vulnerabilities.

• Collaborate with the SOC team to improve alert fidelity and automate incident response actions using scripting (Python, Bash, or Go).

• Review and analyze vulnerability scan results, working with engineering teams to track remediation efforts.

• Conduct internal vulnerability assessments or targeted validation tests to validate security controls and verify that patches are effective.

• Help design and implement automated compliance checks for industry standards such as PCI DSS 4.0 and SOC 2.

• Monitor cloud environments for configuration drift and assist in enforcing Zero Trust principles across the organization.

• Create and update technical documentation for security tooling, workflows, and automation scripts.

• Participate in security code reviews and assist developers in understanding best practices for secure coding.

What you bring:

• A background in Computer Science, Cybersecurity, or Information Systems—whether you are currently pursuing a degree, possess equivalent self-taught skills, or are a developer looking to transition into the security field.

• Demonstrated understanding of DevOps principles, version control (Git), and CI/CD pipelines through coursework, labs, or personal projects.

• Proficiency in at least one scripting or programming language (Python, Bash, JavaScript, or Go) – you should be comfortable writing scripts to automate tasks.

• Working knowledge of cloud computing services (specifically Microsoft Azure) and containerization concepts (Docker).

• Solid foundation in networking concepts (TCP/IP, DNS, HTTP) and operating system security (Linux/Windows).

• A strong interest or passion for penetration testing and DevSecOps methodologies, with a desire to learn how to break and secure modern applications.

• A proactive, problem-solving mindset with a passion for automation and cybersecurity.

• Strong communication and interpersonal skills, with the ability to explain technical security concepts to various stakeholders.

• Ability to work independently and prioritize tasks in a fast-paced, agile environment.

While our interns are not eligible for insurance, 401K, or Unlimited PTO plans, they will have access to the following benefits:

• Company Holidays

• In-office perks (Daily lunch stipend, access to the onsite gym, and two fully-stocked kitchens)

• Company provided laptop

• Open invite to company-events

• Company swag

Why ePayPolicy

• Competitive salary

• Comprehensive benefits package with employer-paid basic life and disability premiums

• 401K

• Unlimited PTO

• Company-sponsored quarterly “ePayItForward” initiatives 

• Supportive and inclusive company culture with a focus on work/life balance

• Fully-stocked kitchen

• Lunch stipend when working onsite

• Open communication (We won’t box you in! If you have a cool idea for a product improvement or a suggestion on how to improve the customer experience, let’s talk about it. We value everyone’s ideas and opinions.)

• Huge opportunity for growth

We operate on a hybrid schedule for in-office employees. Standard schedules are three days per week in the office, however, the cadence and days are determined by each team and manager. 

We value diversity here at ePayPolicy and understand the importance of creating a safe and comfortable work environment, encouraging individualism and authenticity in every member of our team. We strive to create an accessible and inclusive experience for all candidates. If you need an accommodation during the application or recruiting process, please submit a request to our team via this Interview Accommodation form: https://forms.gle/xKppyKTSqfTUi7hz5