Threat Detection Co-Op
As a Threat Co-Op you will be assisting the DeepSeas Cyber Security team in identifying and analyzing potential cyber threats by monitoring network activity, analyzing logs, conducting threat hunting, and investigating security alerts, with a focus on developing skills in identifying malicious behavior and responding to potential security incidents within an organization's systems
DeepSeas Interns will walk away with:
- Hands-on experience in threat detection and response practices
- Develop skills in using advanced security tools and techniques
- Understand the threat landscape and latest attack methodologies
- Network with experienced cybersecurity professionals
- Contribute to real-world security operations and incident response activities
Key Responsibilities
- Updating Various Documentation and process.
- Maintain up-to-date knowledge bases for common troubleshooting steps.
- Assist in structuring internal Confluence pages for better usability.
- Create Devo Dashboards.
- Build visualizations for security event trends.
- Enhance existing dashboards by incorporating new data sources.
- Automate reports that are currently being generated manually.
- Respond to easy-to-handle RFIs.
- Identify and flag inconsistencies in client data.
- Creating a Virtual Lab for Testing Detection Logic.
- Set up a virtual testing environment to validate new detection rules.
- Simulate attack scenarios to measure rule effectiveness.
- Document findings and provide feedback on rule performance.
- Assist in developing a structured testing process for new detections.
- Identifying Areas for Automation and Logging Improvements.
- Develop guides for common workflows to help onboard future interns.
- Creating Dashboard Simulations from SW Data or Data Lake.
- Develop datasets for testing detection logic.
- Build dashboard simulations to visualize security incidents, coverage, vulnerabilities, and overall gaps.
- Compare simulated data against actual alerts to identify gaps.
- Document key discussions, action items, and follow-ups.
- Relay important insights back to the TDE team.
- Help bridge communication gaps between different teams.
Skills Knowledge and Expertise
- Basic understanding of cybersecurity concepts like firewalls, intrusion detection/prevention systems, and network protocols.
- Experience with log analysis tools (e.g., Splunk, ELK Stack)
- Familiarity with scripting languages (e.g., Python) for automation tasks
- Strong analytical and problem-solving skills
- Attention to detail and ability to identify anomalies in data
- Interest in cyber security threats and emerging trends
Why DeepSeas?
At Deep Seas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we aren’t Deep Seas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are:- We are client obsessed.
- We stand in solidarity with our teammates.
- We prioritize personal health and well-being.
- We believe in the power of diversity.
- We solve hard problems at the speed of cyber.
- Understanding and following DeepSeas’s information security policies and procedures.
- Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security.
- Actively participating in DeepSeas’s efforts to maintain and improve information
- security.
- DeepSeas considers this position is as Moderate Risk with a potential to
- view/access/download restricted/private client/internal data. This information must be treated with
- Sensitivity and in the most secure manner. HR reserves the right to perform random background/drug
- Screens to ensure the safety of client/DeepSeas data