Back to jobs
Junior Security Engineering Cohort
Fort Worth, Texas
About the Role
Koddi is excited to announce a Security Engineering training program geared toward recent graduates with Computer Science, Cybersecurity, Information Technology, or related degrees, as well as recent grads who have completed relevant bootcamps. The Koddi Impact Program is an intensive 8-week training program that provides hands-on experience across core areas of Security Engineering at Koddi. In addition to technical training we provide instructor-led and self-paced leadership development opportunities.
Program Highlights
- Work with industry-leading experts to gain hands-on knowledge in cloud and application security
- Gain a comprehensive understanding of the Koddi business and the platforms that power it
- Learn security best practices across infrastructure, applications, and CI/CD pipelines
- Have the opportunity to share findings, present ideas, and contribute to security initiatives
- Participate in leadership workshops and soft skill development
- Receive executive mentorship and peer-to-peer support throughout the program
What You’ll Do
- Monitor and triage security alerts from AWS GuardDuty, Azure Defender for Cloud, and Datadog - first-line review, categorization, and escalation during business hours
- Run vulnerability scans, categorize findings, and track remediation status in the team’s ticketing system
- Review Terraform PRs for common security misconfigurations - open security groups, missing encryption, overly permissive IAM policies - against a defined checklist
- Contribute to security documentation - policies, runbooks, and procedure updates are a first- year ownership area
- Support CI/CD pipeline security - adding SAST checks and secret scanning steps (GitHub Advanced Security, Trivy) as directed
- Participate in incident response post-mortems as a contributor and note-taker, building toward running investigations independently
- Shadow senior engineers on IAM policy reviews, cloud security control implementation, and threat modeling sessions
- Attend team ceremonies - daily standups, biweekly retrospectives, and Architecture Review Board (ARB) sessions
What You’ll Learn
Koddi’s security work spans dual-cloud infrastructure (AWS and Azure), Kubernetes, and active CI/CD pipelines. During the program and your first year, you’ll get hands-on with the team’s real toolset:
- AWS GuardDuty and Security Hub - cloud-native threat detection, finding triage, and remediation workflows
- Azure Defender for Cloud - cloud security posture management on the Azure side of Koddi’s dual-cloud setup
- Datadog - Koddi’s primary observability platform, used for security log analysis, alerting, and dashboard-driven monitoring
- Trivy and container scanning - image vulnerability scanning integrated into EKS and AKS CI/CD pipelines
- GitHub Advanced Security and SAST - secret scanning, code scanning, and dependency review integrated into GitHub Actions pipelines
- Terraform security review - reading and reviewing IaC for security misconfigurations; the team uses Terraform extensively across networking, compute, and identity modules
- IAM fundamentals in practice - AWS IAM policies, Azure RBAC, and service account lifecycle management on live infrastructure
What You’ll Bring
Required
- Graduating by May 2026 with a BS/MS in Computer Science, Information Technology, Cyber-security, or a related field - OR - completion of a rigorous bootcamp with demonstrated security or systems coursework
- Available onsite in Fort Worth, TX Monday-Friday during the 8-week cohort, and full-time after
- Foundational understanding of the CIA triad, OWASP Top 10, and common vulnerability classes - not just terminology, but the ability to explain why a misconfigured IAM policy or exposed secret creates real risk
- Basic IAM literacy - you can explain the difference between authentication and authorization, what a role vs. a policy is, and why least-privilege matters
- At least one scripting language at a functional level (Python or Bash) - not just “familiarity,” but the ability to write a simple script to parse logs or automate a check
- Git/version control fluency - branching, PRs, and commit history review are part of the IaC security workflow
- Linux/Unix command-line comfort - file permissions, process inspection, log tailing; security work happens at the command line
Nice to Have
- AWS security exposure (GuardDuty, Security Hub, IAM policies in practice) - even coursework or free-tier labs count
- SIEM tool experience - Datadog, Splunk, CloudWatch Logs Insights, or similar
- SAST, DAST, or container scanning exposure
- CTF participation or bug bounty activity with documented findings or write ups
- Security certifications in progress or completed (CompTIA Security+, AWS Security Specialty, CEH)
- Azure security exposure (Defender for Cloud, Azure RBAC, Entra ID)
Apply for this job
*
indicates a required field