AddressSecurity Operations Center (SOC) Summer Intern
Who We Are
Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats.
Position Overview
This internship is designed to help you succeed in the cybersecurity space!
Legato Security provides SOCaaS. We are seeking a focused intern interested in gaining experiences in fighting against cyber threats. This role will report directly to the SOC manager, and work with other SOC staff on analyzing security events, investigating and responding to incidents, and other SOC duties as assigned.
A successful candidate will learn and build upon security best practices, security tool administration and maintenance, and other essential security skills such as:
- Demonstrate the ability to work independently and collaboratively to resolve and document security alerts or incidents
- Efficiently investigate a ticket with a clear, reproducible workflow and steps
- Identify critical artifacts of an alert or incident and track the event trail to determine what occurred and what actions were taken
- Resolve incidents with appropriate actions and/or provide effective suggestions for end-users or clients
- Communicate effectively with internal and external stakeholders, maintaining transparency and professionalism at all times
Our company is growing rapidly and there are growth opportunities for a candidate who can hit the ground running, is a self-starter, and who can demonstrate excellent analytical and critical thinking skills.
This position is expected to commence on or around May 20, 2024, and conclude on August 15, 2024. Please note that the dates provided are subject to change based on the needs of the organization.
Specific Job Responsibilities
- Monitor, analyze, and interpret security and system logs for events, irregularities, and potential incidents, escalating issues as necessary
- Document Standard Operating Procedures, SOC playbooks, configuration guides, and security standards
- Analyze suspicious emails and other incidents to determine false positives or necessary escalation
- Investigate and respond promptly to suspicious activities
- Utilize various security tools (e.g. SIEM, XDR, IDS/ID) and follow the principles of the CIA triad to safeguard client data
- Collaborate with team members to resolve security incidents, ensuring client security
- Communicate with users regarding potential security threats to help maintain a secure environment
- Insert responsibilities
Qualifications
- Must be eligible to intern with an expected graduation date of August ’24 – Dec ’26 (Junior, Senior, Masters)
- Preferred majors: Computer Engineering Technologies & Technicians, Software Design, Cyber Security, Information Systems Management, Computer Science, Computer Systems Networking & Telecommunications, or relevant fields
- No previous experience in cybersecurity is required but having a strong interest in the field and being able to quickly learn different tools is expected.
- Basic understanding of computer operations and networking
- Must be able to commute to the office in downtown Salt Lake City
- GPA: 3.0
- Work authorization: US work authorization is required. We are unable to sponsor or take over sponsorship of an employment or OPT/CPT Visa at this time.
Perks
- Paid internship designed to prepare you with real projects and mentorships that will last throughout your career!
- Start-up culture with an office in downtown Salt Lake City, UT
- Exposure to various applications, including CrowdStrike Falcon, Sumo Logic, Palo Alto Cortex, Area1, and many other SIEMs and MSSPs.
