Security Analyst Intern

About The Position

Requirements

• Currently pursuing a bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.
• Basic understanding of core cybersecurity concepts, including threats, vulnerabilities, malware behavior, and authentication principles.
• Familiarity with endpoint security technologies such as XDR/EDR platforms, antivirus solutions, and patch management tools.
• Strong documentation and written communication skills, with the ability to clearly describe technical processes.
• Interest in incident response, threat analysis, or vulnerability management.
• Ability to follow structured procedures, maintain accuracy, and pay close attention to detail.
• Eligible to work in the United States without visa sponsorship now or in the future.

Responsibilities

• Monitor and analyze alerts from extended detection and response (XDR) platforms.
• Assist with triaging endpoint-related security events and escalating when necessary.
• Support vulnerability management efforts by reviewing scan results and tracking remediation progress.
• Help maintain endpoint security baselines, policies, and configuration standards.
• Participate in routine endpoint health checks to ensure agents and security tools are functioning properly.
• Create and maintain security documentation, including SOPs, runbooks, and knowledge base articles.
• Document incident response steps, findings, and lessons learned.
• Update asset inventories, security diagrams, and workflow documentation.
• Assist in developing user-facing security guidance and best-practice materials.
• Build and maintain cybersecurity dashboards in various tools and reporting systems.
• Generate weekly and monthly security metrics (alerts, vulnerabilities, patch compliance, endpoint health).
• Support automation of recurring reports where possible.
• Assist with monitoring SIEM/XDR alerts and performing initial analysis.
• Help review firewall, VPN, and authentication logs for anomalies.
• Assist with the rollout of an automated email-analysis and triage system, including initial configuration, rule tuning, and workflow setup.
• Help review and classify user-reported suspicious emails to improve the accuracy of automated decision-making.
• Participate in testing automated remediation actions, such as message quarantine or removal from user inboxes, before they are enabled in production.
• Document processes, workflows, and response playbooks related to automated phishing-email handling.
• Assist with user access reviews and privilege audits.
• Help document IAM workflows and identify opportunities for improvement.
• Support MFA and conditional access initiatives by validating access requirements and helping document configuration standards.
• Research emerging threats, vulnerabilities, and security best practices.
• Contribute to internal security awareness initiatives.