Enterprise Threat and Vulnerability Intern
What the Software Engineering Institute (SEI) Does
The SEI helps advance software engineering and cybersecurity principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with government, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering and cybersecurity capabilities and develop or acquire the right software, defect-free, within budget and on time, every time.
As an Enterprise Threat and Vulnerability Management (ETVM) intern, you will contribute to the data collection and analysis efforts of the CERT Insider Threat Incident Corpus. You will follow an established process to gather data related to insider incidents, code the case data, and store the coded case in a database. Additionally, you will assist with the design of metrics, refinement of processes and documentation, and automation of portions of the data collection and case coding processes. You will contribute to the team’s larger research efforts by querying the Insider Threat Incident Corpus to answer specific research questions, identifying patterns or trends, and sharing lessons learned through blog posts, research posters, or presentations. You will gain knowledge and skills in the cybersecurity domain, working alongside subject matter experts to enhance the state of the art in insider threat mitigation.
The role requires an interdisciplinary skillset and is not a software engineering position. As such, we are looking for candidates from a number of backgrounds, including:
· Individuals with an interdisciplinary social science or technical skillset. Individuals with this kind of background may have started in one discipline and shifted to another, or already applying interdisciplinary approaches in their scholarship. These interns will get a chance to apply their broad set of skills to our incident collection and analysis processes.
· Individuals with a more heavily technical skillset. These individuals may be tasked with maintaining and updating databases or applications, but also have opportunities to expand their skillsets by writing documentation and/or blog posts.
· Individuals with a policy, research, or legal background. These individuals may be asked to analyze incident data with regards to external standards or legal guidelines. These individuals will gain experience with using technical approaches, which may enhance the kinds of research that they might want to do in the future.
Regardless of background, ETVM interns are given the opportunity to collaborate with full-time staff on growing not only the CERT Insider Threat Incident Corpus, but also the intern’s own unique skillset. Interns will be work with full-time staff to identify professional goals and outcomes for their time with ETVM.
Functional Roles & Responsibilities
* Case Coding
* Database Management
* Knowledge Management (e.g., documentation)
* Software Development
* Data Analysis
* Project Management
* Enrolled in a degree-granting program
* US Citizen
* Subject to a background check
* Interest in Cybersecurity & Risk Management
Knowledge, Skills, and Abilities
* Database familiarity (preferably Microsoft Access and/or Microsoft SQL Server)
* Data analysis in Python, R, or Excel
* Familiarity with research methods (data collection and coding, analysis)
* Proficiency rapidly learning and applying new tools and techniques
* Python, particularly with Jupyter Notebooks
* Technical writing
* Visual Basic for Applications (VBA)
* Task management or ticketing applications, such as JIRA
Post-Graduation, Our Interns Have These Job Titles
* Cybersecurity Engineer
* Cybersecurity/Insider Threat Researcher
* Cybersecurity/Insider Threat Analyst
* Information Security Analyst
* Database Administrator
* Security Consultant