Security Operations Center Intern
SLV-San Salvador-Calle Cortez Blanco #8 Urb. Madreselva, El Salvador
RSM
RSM US LLP is the leading U.S. provider of assurance, tax and consulting services focused on the middle market. We are the leading provider of professional services to the middle market globally. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.
Position Description
As a SOC Intern Analyst, you will work with large and small companies in a variety of industries. You will develop strong working relationships with your peers within the security operations center (SOC) while learning clients’ businesses and the challenges facing their organizations. You will work as part of a broader team under the direction of other analysts, senior analysts, shift leads and SOC managers in support of multiple clients.
Responsibilities
- Support the investigation of security incidents using SIEM/SOAR tools, automation, and other cybersecurity technologies (e.g., ServiceNow, XDR, EDR, VirusTotal, Passive DNS).
- Analyze, escalate, and assist in remediation of critical information security incidents.
- Process IDS alerts and identify incidents and events in customer data.
- Perform initial analysis and investigation into alerts as they are seen.
- Perform initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools).
- Support incident intake, ticket updates and reporting of cyber events and threat intelligence.
- Understand, identify, and research indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds.
- Write incident reports and procedure documentation.
- Work with protocols at layers 2 and higher in the OSI model, including ARP, TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports.
- Be available to work a flexible schedule depending on availability.
Skills and Experience
A successful intern candidate will have good attention to detail, troubleshooting skills, and the ability to learn new technologies and processes quickly. They should also be able to work on their own as well as within a small team. Candidates should demonstrate curiosity and a willingness to go the extra mile for the team's success. They will support problem solving, think creatively, and be interested in learning their clients' business.
Basic Qualifications
- 4th- or 5th-year student at an accredited university in computer science, information technology, information systems management, or a similar degree, preferably with a focus on information security.
- Basic understanding of various operating systems such as Windows/Linux.
- Basic understanding of cloud technologies and operations.
- Basic understanding of current attack vectors and emerging threats.
- Understanding of network protocols.
- Strong analytical and troubleshooting skills.
- Must have a naturally curious mindset and approach to solving problems.
- Motivated self-starter with strong written and verbal communication skills.
- Fluent in Spanish and English (Excellent English writing and speaking skills).
Preferred Qualifications
- Basic understanding of Security Information and Event Management (SIEM/Data) tools such as Splunk, LogRhythm, Devo, Elasticsearch, etc.
- Basic understanding of common cloud platforms: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform.
- Basic understanding of security orchestration and automated response (SOAR) tools such as Shuffle SOAR and other open source security tools.
- Basic understanding of vulnerability tools such as Kenna, Tenable, Qualys, etc.
- Basic understanding of EDR tools such as CrowdStrike, Carbon Black, etc.
- Basic understanding of the incident response life cycle.
- Basic understanding of intrusion set tactics, techniques, and procedures (TTPs) utilized by threat actors.
At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits and https://rsmus.com/careers/el-salvador.html.
RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Salvadoran Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation.
Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.
Tags: Automation AWS Azure Carbon Black Cloud Computer Science CrowdStrike DNS EDR Elasticsearch GCP IDS Incident response Linux LogRhythm Malware Open Source Qualys SIEM SMTP SOAR SOC Splunk SSH Threat intelligence TTPs VirusTotal Windows XDR
Perks/benefits: Career development Competitive pay Flex hours Medical leave Team events