Threat Detection Engineering Intern
Carlsbad, California, United States - Remote
Applications have closed
Proficio
Proficio MDR expands the scope of a typical MSSP to provide organizations deeper cybersecurity threat detections to stay protected.
Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a video tour of our global network of 24/7 Security Operations Centers (SOCs).
Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).
We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.
Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals is widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.
While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.
Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.
Job Summary
The Threat Detection Engineering Intern will support the team by performing tasks to ensure the proper and timely onboarding of new customers in the SIEM. With direction from other members of the team, this role will work to modify, customize, and apply use cases from our library, based on customer functionality and alerting requirements. The intern works on assigned tasks to ensure timely deployment of our services, automation of the alerting process, creation of reporting and dashboards, and coordination with other internal departments to ensure continuous customer satisfaction. The Threat Detection Engineering Intern is focused on whitelisting, tuning, onboarding, and development tasks that require quick turnaround time.
Responsibilities
- Perform portions of the SIEM onboarding tasks for new customers helping to ensure appropriate content and resources are deployed correctly.
- Learn to configure alerts and functionalities in the SIEM to facilitate immediate processing of incoming logs
- Work closely with our Security Analyst team to provide real time translation from alerting to use case adaptation. This work will include correcting templates, modifying rules, and collaborating with the full use case/content team on new use case creation.
- Process use case development tickets from our customer request queue. This generally involves clarifying intent through internal resources to provide the most accurate response to our clients' needs.
- Work closely with our Engineering, Analyst, and R&D teams to understand our complete service offering to identify and resolve problems for our customers and create a better platform for our service delivery team.
- Participate and perform other tasks as may be required for this role.
Requirements
- Education in cybersecurity including data ingestion and knowledge of SIGMA and MITRE framework
- 1+ college course on Splunk SIEM (open source version) and/or project work in Elastic related to SIEM operations
- Associate or bachelor’s degree in computer science or combination of relevant education and experience is preferred.
- Must be willing and able to complete trainings/certifications (including SPLUNK, AWS, etc.) for self-improvement or as may be required for the role.
- Basic understanding of the current threat landscape including knowledge of different threat actor profiles and attack methods.
- Demonstrated knowledge of general networking principles including full knowledge of TCP/IP communication, the OSI model, common network ports, and basic network defense
- Coursework on Unix or Linux system administration including command line
- Fundamental understanding of the threats reported by various data sources such as IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
- Scripting skills in Python, Bash, or PowerShell
- Excellent communication and presentation skills within a team setting in a collaborative manner
- Quick learner and intuitive thinker – the more you learn, the faster you’ll grow!
- Effective documentation and time task management skills
- Confidence in independently delivering effective technical solutions
- Excellent problem-solving skills and the ability to identify and apply appropriate technical resolutions.
- Must protect client and company proprietary information and always maintain confidentiality.
Benefits
- Opportunity to work in a progressive organization with structured training and roadmap for success
- Lunches and fun employee activities!
- Experience in one of the hottest IT industries today
Proficio is an EOE employer.
Tags: Automation AWS Bash Computer Science Firewalls IDS IPS Linux Monitoring Open Source PowerShell Python R&D Scripting SIEM SOC Splunk TCP/IP Threat detection UNIX
Perks/benefits: Flex vacation