Cybersecurity Intern, Strategy and System Assessment – CSOC
Open to USF active & enrolled students only
Position Location: Tallahassee, FL
Job ID 32721
$30 per hour (20 hours per week)
$30,000 in stipends (multiple payments throughout the program; dependent on program completion)
January 9, 2023 – June 30, 2023
This internship will provide training and practical experience in cybersecurity operations. This will include cybersecurity incident monitoring and response, cybersecurity threat hunting and remediation, exposure to cyber-attack simulations used to identify gaps and vulnerabilities, testing new cybersecurity solutions and services, and assisting state agencies with adherence to new cybersecurity policies, regulations, and processes. The experience will benefit scholars planning a career in the cybersecurity field, specifically in the public service or governmental sector.
This opportunity is best suited for scholars who enjoy thinking critically and strive to find new ways to resolve complex issues while working as part of a team to help keep the State of Florida Enterprise secure and resilient. Interns will gain practical work experience to augment their education and career preparation and will be mentored by a full-time professional manager.
Duties and Responsibilities
Conduct incident response activities (information gathering, log analysis, indicators of compromise (IoC) searches, network traffic analysis, inter-agency, and external partner coordination, etc.), track cyber incidents and compile IoC information to conduct threat hunting activities, conduct research, and analysis of threat intelligence, determine exploitable vulnerabilities existing in the enterprise, and determine possible scope and impact in the event of an attack.
Scholars will assist with the following:
- Cybersecurity framework mapping.
- Gain an understanding of FIPS 199 and NIST 800-53.
- Assess agency system security plan – ensure controls are in place consistent with the system classification.
- Assess certifications – ensure testing of controls validates their existence and effectiveness.
- Assess additional documentation supporting control implementations – ensure additional documentation and further evidence of the existence of required controls.
- Recommend a course of action – determine whether an agency should be issued an Authority to Operate.
- Gain an understanding of governance, risk, and compliance (GRC).
- Policy and project management of cybersecurity solutions and strategies.
- Business analysis and operational impact.
- Contract and product analysis.
- Day-to-day operations.
- Related duties as required.
Knowledge, Skills, and Abilities
- Basic understanding of cybersecurity concepts.
- Basic understanding of information systems and computer networking.
- Exposure to cybersecurity tools such as log analysis solutions, anti-virus, extended detection and response solutions, security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS).
- Basic understanding of network architecture and interconnecting systems (routers, switches, firewalls, demilitarized zone (DMZ), servers, etc.).
- Basic understanding of cybersecurity threats and vulnerabilities.
- Familiarity with cybersecurity frameworks and regulatory and compliance standards (NIST CSF, ISO, HIPAA, PCI DSS, etc.).
- Exposure to governance, risk, and compliance (GRC) solutions and procedures.
- Exposure to vulnerability management and vulnerability assessment tools.
- Exposure to penetration testing procedures and solutions.
- Understanding of project management techniques and exposure to technology project implementation.
- Knowledge of the software development lifecycle and exposure to the implementation of technology (especially cybersecurity) solutions.
- Student classification of the undergraduate level of junior or senior, or graduate level masters or PhD.
- Two Semester commitment is required.
- A declared major field of study from the list below is required.
- Students must be in good academic standing.
- U.S. citizenship is required.
- Candidates are required to successfully undergo a criminal background check and complete CJIS certification which requires fingerprinting.
- This is an in-office position. Students are required to work onsite in the FL[DS] office in Tallahassee, FL.
Fields of Study
Cybersecurity, Computer Science, Information Technology.
A resume, a statement of interest (one page), and unofficial transcripts are needed to apply.
If selected, additional contracts are required to complete the hiring process.