About the role:
The Detection Engineering team is at the forefront of securing our organization’s infrastructure by developing, implementing, and fine-tuning detection mechanisms to identify threats in real time. As a Detection Engineering intern, you will contribute to the development of new detection use cases to identify suspicious activity, as well as build automations that enhance and support our Security Operations and the broader team within our Defense Fusion Center. You'll collaborate with security professionals to understand adversarial tactics and contribute to building stronger defenses for our security operations.
Responsibilities:
1. Assisting in the creation and tuning of detection use cases to identify potential security threats.
2. Analyzing security logs and data to identify anomalies or potential indicators of compromise.
3. Supporting the team in automating detection workflows and playbooks for threat investigation and response.
4. Collaborating with other security teams (SOC, Incident Response, Threat Intelligence) to ensure detection rules are actionable and relevant.
5. Assisting with the development of dashboards and reports that provide visibility into security events and metrics.
6. Conducting attack simulations to validate use case detection logic.
7. Documenting detection processes and ensuring alignment with security policies and procedures.
Basic Qualifications:
1. Currently pursuing a Bachelor’s degree in Information Technology, Systems, MIS, Engineering, Computer Science, Cyber Security, or another related field.
2. Familiarity with scripting languages (e.g., Python, Bash) and basic automation principles.
3. Basic understanding of network and endpoint security concepts.
Preferred Qualifications:
1. Interest in IT, infrastructure, engineering, and modern end-user technologies.
2. Microsoft suite proficiency.
3. Quick learner with new software or computer applications.
4. Strong analytical, business process analysis, and problem-solving capabilities.
5. Strong interpersonal skills and ability to engage and connect with internal and external partners.
6. Knowledge of operating systems.
7. Basic understanding of detection engineering concepts such as threat modeling and adversary tactics.
8. Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
9. Knowledge of common networking and routing protocols.