Security Internship - Detection and Response Intern
Vancouver, BC
We are committed to diversity as both a moral and business imperative.
Eligibility Statement To apply, students must be enrolled in either a four-year undergraduate program or a Masters, or Phd program at a university or accredited education institution in Canada. Students must also be already located in or willing to relocate to Vancouver for the duration of the internship. You must have at least completed your 2nd (undergrad) year prior to the start of the internship program. A cumulative minimum GPA of 3.2 is strongly recommended and official transcripts may be requested to validate your eligibility.
Candidates from historically underrepresented groups are encouraged to apply.
Application & Selection ProcessStudents interested in applying will be asked to complete an online application process which typically includes the following:
- General background information (e.g. contact information, details about your current university or institution) - Resume/CV and statement of interest - Academic transcript from your current university or institution - Response to our short answer prompt - Formal interview(s) with hiring manager and team-fit representative
Applicants will be selected based on the overall strength of all of their application materials compared to the entire applicant pool. In addition, applications are stored for at least one (1) year, unless otherwise requested, allowing hiring managers the opportunity to hire interns based on business needs. There is not a pre-identified number of positions available per internship season and is solely based on business needs.
About the RoleAt Highspot, our interns work on projects that Invent the Future and your team will rely on your skills and insights to Make it Happen. This is a unique chance to bring your unique skills, knowledge, and ideas to life while working on enabling the maturity of a new generation of cybersecurity protecting the Highspot platform and organization. You will be on the front lines of innovation developing capabilities focused on building solutions as Highspot evolves to fortify and safeguard against threat actors.
The internship is designed for you to do hands-on meaningful work and an opportunity to learn and grow. You'll foster one of our guiding principles: Learn it all, not know it all. While you’re making it happen, you’ll also experience our diverse community employee resource groups, senior staff engagement, and participate with like-minded engineering and security professionals.
Projects vary depending on business needs, experience, and/or location. You’ll work closely during your internship with our People team, hiring manager, and crew buddy to help you with your day-to-day.
Join Highspot today and help us Invent the Future.
What You Will Do
- Build new security detections to support daily operations and faster, more accurate, identification of threats.
- Leverage threat intelligence and intrusion data of adversary behaviors to create new high-fidelity security detections.
- Conduct research to understand emerging trends, provide feedback to security leadership, and provide intelligence reports to influence the DnR Strategic Roadmap.
- Collaborate on ways to improve detection and response capabilities.
- Champion the team’s mission and regularly communicate/collaborate with internal business units and stakeholders outside of the security organizational structure.
- Provide detailed Security Event Post Mortem Reports for lessons learned and create action items to improve processes, workflows, and security posture.
- Foster relationships between internal security organizations, product teams, and non-technical teams as a security champion to provide security consultation as they develop product features, infrastructure, workflows, and processes.
What You Will Bring
- Proficiency in at least one (Not Necessarily All) of the following areas - Incident Response/Threat Hunting/Threat Intelligence/Detection Engineering.
- An understanding of Threat Actor TTPs (MITRE ATT&CK, Diamond, Cyber Kill Chain).
- An ability to engineer and develop innovative solutions in the domains of Threat Intelligence, Threat Hunting, Detection Engineering, and Incident Response.
- Written and verbal communication skills to describe security event details and technical analysis with audiences within the cybersecurity organization and both Technical and Non-Technical groups.
- Proficiency in at least one programming language or technology, including, but not limited to Java, Ruby, Python, Go, Clojure, or similar programming languages
- An understanding of log analysis from multiple sources (Endpoint, IDS, Network, Cloud, etc) to identify and investigate security events and incidents.
- Possesses a natural curiosity to investigate the how and why of security incidents.
- Passionate about stopping adversaries with both well established proven methodologies and innovative techniques/processes.
- Ability to operate independently
- Customer Service-oriented approach in partnering with Organization Business Partners and Stakeholders.
Projects You Might Lead
- Threat Intelligence, developing open source intelligence pipeline
- Detection Pentesting, conducting well-scoped exercises to validate controls and identify gaps
- Detection Infrastructure, develop automated workflows to process detections and mitigate found vulnerabilities automatically
Did you read the requirements as a checklist and not tick every box? Don't rule yourself out! If this role resonates with you, hit the ‘apply’ button."
Tags: Analytics Clojure Cloud Cyber Kill Chain IDS Incident response Java Log analysis MITRE ATT&CK Open Source Pentesting PhD Python Ruby Threat intelligence TTPs Vulnerabilities
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs