Cybersecurity Operations Center (CSOC) Student Analyst
About The Position
UF Information Technology (UFIT) is seeking an entry-level Cybersecurity Student Analyst to join the Information Security Office’s Cybersecurity Operations Center (CSOC). The CSOC is a joint operation supporting both the University of Florida and the State of Florida's Department of Management Services, providing coordinated cybersecurity monitoring, detection, and response capabilities. This role primarily focuses on protecting university and state data and systems against cyber-attacks, utilizing threat intelligence sources and detection tools to identify and prevent invasive attacks, and applying established processes to respond to cybersecurity incidents. The position offers hands-on experience in real-world cybersecurity operations, supporting dual security missions under the supervision of the UFIT Information Security Cybersecurity Detection and Response (CDR) Team Lead and the direction of the State of Florida's Associate CISO.
Requirements
- UF Student Assistant
- Open to all UF students eligible to work on campus
- Must maintain a minimum 2.0 grade point average
- Must be at least 18 years of age
- A Level 2 Criminal Background Screening is required
Nice To Haves
- Completed coursework in network security, security operations, incident response, or digital forensics
- Industry certifications or completion of cybersecurity bootcamps/training programs
- Previous IT/cybersecurity internship, work experience, or personal lab projects
- Participation in cybersecurity competitions, CTF events, or student organizations
- Proficiency in Windows and Linux operating systems
- Basic scripting (Python, PowerShell, or Bash)
- Log analysis and SIEM query writing
- Network protocol analysis
- Technical writing and documentation
- Strong analytical and problem-solving abilities
- Effective written and verbal communication
- Ability to work collaboratively in team environments
- Self-motivated with strong attention to detail
- Capable of handling sensitive information with confidentiality
Responsibilities
- Monitors user activity, network events, and threat detection alerts from security tools to identify adverse or suspect events.
- Conducts initial triage to distinguish false positives from legitimate security threats, filtering and validating incoming alerts to prioritize them for further investigation.
- Collects contextual data, such as IP reputation, user identity intel, and endpoint events, to enrich analysis and verify the scope and validity of potential threats.
- Conducts containment and mitigation actions to neutralize threats and minimize impact.
- Escalates incidents to the Computer Security Incident Response Team (CSIRT) when necessary and may participate as a CSIRT member during major security incidents.
- Identifies and assesses security vulnerabilities in the university's computing infrastructure.
- Takes appropriate action based on the technical implications of vulnerabilities found.
- Documents investigation findings, response actions, and lessons learned to maintain institutional knowledge.
- Creates and updates security playbooks, standard operating procedures, and technical documentation.
- Contributes to the continuous improvement of CSOC operations.
- Collects and contributes to operational and management security metrics required to inform stakeholders and support continuous improvement.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Part-time
Career Level
Intern
Education Level
No Education Listed
Number of Employees
1,001-5,000 employees
