Cybersecurity Operations Intern

FXI
Radnor, PA
Hybrid

About The Position

FXI is seeking a motivated, detail-oriented Cybersecurity Operations Intern to join our IT Cybersecurity team. In this hands-on role, you will work alongside experienced security professionals and contribute directly to real-world security operations from day one. Responsibilities will include monitoring live alert queues, triaging security detections, supporting vulnerability management activities, and helping strengthen FXI’s security posture across both corporate and manufacturing environments. As part of the team, you will play an important role in supporting the continued growth of FXI’s cybersecurity capabilities while gaining exposure to enterprise-grade security tools, real incident response workflows, and cross-functional collaboration with IT, operations, and plant teams.

Requirements

  • Currently pursuing or recently completed a bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, ideally as a junior or senior.
  • Foundational understanding of network protocols, firewalls, operating systems (Linux/Windows), and cybersecurity principles.
  • Knowledge of procedures for detecting, containing, eradicating, and recovering from security incidents, including incident response lifecycles and reporting.
  • Strong analytical and problem-solving skills with attention to detail.
  • Effective written and verbal communication skills — you'll be writing runbooks, reports, and escalation summaries regularly.
  • A genuine interest in cybersecurity and eagerness to learn in a fast-paced environment.

Nice To Haves

  • Familiarity with SIEM platforms (Splunk, Microsoft Sentinel, or similar), EDR tools, and ticketing systems preferred.
  • Relevant coursework, certification, and interest in OT/ICS security are a plus.

Responsibilities

  • Monitor the SIEM alert queue daily; categorize and prioritize detections by severity.
  • Perform first-pass investigation of low-to-medium severity alerts — correlating log sources, reviewing asset context, and documenting findings.
  • Identify recurring false positives and escalate tuning recommendations to improve detection accuracy.
  • Maintain and update triage runbooks for common alert types.
  • Track alert volume, triage disposition, and mean-time-to-triage (MTTT) metrics on a weekly basis.
  • Aggregate and normalize vulnerability scan outputs into actionable, prioritized lists.
  • Tag findings by system owner, site, and remediation status; manage patching workflows.
  • Track patching progress and follow up with system owners on outstanding items.
  • Reconcile device inventories across sites; identify rogue or unmanaged devices and flag coverage gaps.
  • Analyze user accounts, conduct group membership reviews, and prepare actionable remediation lists.
  • Help plan and execute phishing simulation campaigns across the organization.
  • Respond to and investigate unresolved phish reports from end users.
  • Compile participation metrics and build dashboard reports.
  • Maintain plant-level vulnerability and device inventories. Prepare summary reports for site leadership.
  • Assist plant staff in identifying and prioritizing OT security risks.

Benefits

  • Hands-on experience with enterprise security tools including SIEM, EDR, vulnerability management, and identity protection.
  • Direct exposure to real-world SOC operations — alert triage, incident escalation, and threat investigation workflows.
  • Experience supporting OT/ICS security in a multi-site manufacturing environment.
  • Understanding of compliance and audit readiness processes in a corporate cybersecurity program.