Information Security Analyst Intern

Who Are We?
We are a team that brought you Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner, dedicated to providing cybersecurity, privacy, and identity protection to over 500 million users in 150 countries. At Gen, we offer flexible working options, generous time off, and competitive benefits in a diverse and inclusive environment where every team member is valued and celebrated. If you are smart, fearless, and dedicated, join us to power Digital Freedom and help consumers take control of their digital lives. 
 

What you will do in this role:

• Monitor security alerts and events across multiple platforms, including SIEM, EDR (Windows, Linux, macOS), cloud-native tools, and threat intelligence platforms, to identify suspicious or malicious activity.

• Assist with reviewing and analyzing logs from endpoints, cloud services, identity systems, and network infrastructure.

• Apply foundational knowledge of TCP/IP networking and common protocols to help identify anomalies and potential threats.

• Support the execution of incident response playbooks, including containment, mitigation, and recovery tasks, under the supervision of senior team members.

• Use frameworks like MITRE ATT&CK to understand attacker behavior and inform investigation steps.

• Collaborate with team members to fine-tune detection rules, improve alert fidelity, and reduce false positives.

• Contribute to the documentation of detection logic, investigation workflows, and best practices, contribute to continuously improving SOC services and processes.

• Participate in team meetings, threat reviews, and knowledge sharing sessions to continually develop technical and analytical skills.

• Stay informed about emerging cyber threats and trends relevant to SOC operations.

What you’ll need to be successful in this role:

• Basic understanding of networking concepts (i.e., TCP/IP, DNS, HTTP/S)

• Familiarity with cybersecurity principles and threat types (e.g., phishing, malware, brute force)

• Comfortable working with logs, alerts, and structured data

• Strong analytical thinking, attention to detail, and willingness to learn

• Good communication skills in English (written and verbal)

• Experience with security automation, SOAR platforms, or API integrations, programming skills would be considered a plus.

• Exposure to tools like SIEM, EDR, ticketing systems, or cloud platforms (AWS, Azure, GCP) would be considered a plus

• Internship or lab experience in a cybersecurity-related role would be considered a plus

Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds.

We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. 

To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.