Intern Application Security Engineer

At Commerce our mission is to empower businesses to innovate grow and thrive with our open AI-driven commerce ecosystem. As the parent company of BigCommerce Feedonomics and Makeswift we connect the tools and systems that power growth enabling businesses to unlock the full potential of their data deliver seamless and personalized experiences across every channel and adapt swiftly to an ever-changing market. We believe in harnessing AI responsibly to unlock new possibilities and we’re looking for individuals who use it intentionally to solve problems accelerate outcomes and expand what’s possible in their role. Our purpose is to help businesses confidently solve complex commerce challenges so they can build smarter adapt faster and grow on their own terms. If you want to be part of a team of bold builders sharp thinkers and technical trailblazers who shape the future of commerce this is the place for you.

• Learn the structure goals and day-to-day operating model of the BigCommerce Application Security program.
• Support improvements to AppSec tooling reporting documentation and team processes.
• Assist with organizing or refining vulnerability management workflows intake processes dashboards or knowledge base materials.
• Shadow AppSec engineers during security reviews bug hunting triage and remediation discussions.
• Participate in guided hands-on security activities such as testing reproducing findings researching vulnerabilities or validating fixes.
• Observe how the team partners with engineering product infrastructure and incident response teams.
• Contribute to a small intern project that improves the AppSec team’s ability to measure communicate or scale its work.
• Present a short summary of learnings recommendations and completed work at the end of the internship.

• Current student or early-career candidate pursuing cybersecurity computer science software engineering information systems or a related field.
• Interest in application security ethical hacking secure coding vulnerability research or software development.
• Familiarity with basic web application concepts APIs Git scripting or common security topics such as OWASP Top 10.
• Curiosity good judgment and willingness to ask questions.
• Strong written communication skills and ability to document findings clearly.
• Ability to work with a team follow guidance and handle sensitive information responsibly.

• Coursework labs CTF participation personal projects or prior internship experience related to cybersecurity or software development.
• Exposure to tools or concepts such as SAST DAST SCA threat modeling vulnerability management or cloud security.
• Basic scripting experience in Python JavaScript Bash or a similar language.

• Practical exposure to how an application security program operates inside a SaaS company.
• Experience with real AppSec tooling workflows and vulnerability management practices.
• Mentorship from security engineers and exposure to engineering partnership models.
• A clearer understanding of potential career paths in application security product security and cybersecurity.

The national base salary range for this role is posted above in this job post.

Final compensation will be determined based on factors such as relevant experience skills qualifications and geographic location. We also consider internal equity to help ensure fair and consistent pay practices across our teams.

Where applicable this role may also be eligible for variable compensation (such as bonus or commission) equity and benefits in accordance with local policies. Details will be shared during the hiring process. We are committed to equitable and transparent pay practices that align to market data internal equity and individual contribution.

At Commerce we believe that celebrating the unique histories perspectives and abilities of every employee makes a difference for our company our customers and our community. We are an equal opportunity employer and the inclusive atmosphere we build together will make room for every person to contribute grow and thrive.

We are committed to creating an inclusive and accessible hiring experience for all candidates. If you require accommodations or adjustments at any stage of the recruitment process please let us know and we will work with you to meet your needs.

Learn more about the Commerce team culture and benefits at https://www.commerce.com/careers/

Commerce along with many other employers has become the subject of fraudulent job offers to hopeful prospective job seekers.
Be advised:
Commerce does not offer jobs to individuals who do not go through our formal hiring process.
Commerce will never:

• require payment of recruitment fees from candidates;

• request personally identifiable information through unsanctioned websites or applications;

• attempt to solicit money from you as part of the hiring process or as part of an employment offer;

• solicit money to complete visa requirements as part of a job offer.

If you receive unsolicited offers of employment from Commerce we urge you to be extremely cautious and avoid engaging or responding.

What We Do

Commerce (Nasdaq: CMRC) empowers businesses to innovate grow and thrive through an open AI-driven commerce ecosystem. As the parent company of BigCommerce Feedonomics and Makeswift we help brands unlock the full potential of their data connect systems and deliver seamless personalized experiences across every channel. Visit commerce.com or follow us for more. #PoweredByCommerce

Why Work With Us

Ask any employee what makes Commerce unique they will tell you it's the people. The team is full of brilliant dedicated individuals focused on revolutionizing the world of ecommerce. We foster a culture that encourages inclusion of every employee celebrating our individuality and the values that bring us together.

Gallery