Threat Detection Co-Op

Deep Seas
San Diego, CA
Remote

About The Position

As a Threat Co-Op you will be assisting the DeepSeas Cyber Security team in identifying and analyzing potential cyber threats by monitoring network activity, analyzing logs, conducting threat hunting, and investigating security alerts, with a focus on developing skills in identifying malicious behavior and responding to potential security incidents within an organization's systems.

DeepSeas Interns will walk away with:

  • Hands-on experience in threat detection and response practices
  • Develop skills in using advanced security tools and techniques
  • Understand the threat landscape and latest attack methodologies
  • Network with experienced cybersecurity professionals
  • Contribute to real-world security operations and incident response activities

Requirements

  • Basic understanding of cybersecurity concepts like firewalls, intrusion detection/prevention systems, and network protocols.
  • Experience with log analysis tools (e.g., Splunk, ELK Stack)
  • Familiarity with scripting languages (e.g., Python) for automation tasks
  • Strong analytical and problem-solving skills
  • Attention to detail and ability to identify anomalies in data
  • Interest in cyber security threats and emerging trends

Responsibilities

  • Updating various documentation and processes.
  • Maintain up-to-date knowledge bases for common troubleshooting steps.
  • Assist in structuring internal Confluence pages for better usability.
  • Create Devo Dashboards.
  • Build visualizations for security event trends.
  • Enhance existing dashboards by incorporating new data sources.
  • Automate reports that are currently being generated manually.
  • Respond to easy-to-handle RFIs.
  • Identify and flag inconsistencies in client data.
  • Creating a Virtual Lab for Testing Detection Logic.
  • Set up a virtual testing environment to validate new detection rules.
  • Simulate attack scenarios to measure rule effectiveness.
  • Document findings and provide feedback on rule performance.
  • Assist in developing a structured testing process for new detections.
  • Identifying Areas for Automation and Logging Improvements.
  • Develop guides for common workflows to help onboard future interns.
  • Creating Dashboard Simulations from SW Data or Data Lake.
  • Develop datasets for testing detection logic.
  • Build dashboard simulations to visualize security incidents, coverage, vulnerabilities, and overall gaps.
  • Compare simulated data against actual alerts to identify gaps.
  • Document key discussions, action items, and follow-ups.
  • Relay important insights back to the TDE team.
  • Help bridge communication gaps between different teams.