Journal #1

Journal #1

The First day of my internship was rather interesting as it required me to go through orientation. I had worked an internship before this at Towne Bank however that was in person. This internship however was fully remote and our orientation was more or less a powerpoint presentation that was one on one instead of a room full of other interns. In this orientation, a few things were overviewed like expectations and a list of duties that I would need to do while working there. They also required us to read their cyber security policy which was twenty pages long. In it the discussed topics that I was familiar with like no tailgating and locking your computer whenever you leave your computer for any reason. They also showed me learning objectives for my work and what I’ll be expected to learn by the end of my internship. Overall I was excited to start working on real-life projects and get a feel for how cyber security fits in the professional world.

After my orientation, I was assigned to shadow an employee for the first week. Luke was the one who originally got me the position as a volunteer so unfortunately I was unpaid but I didn’t mind it seeing that I stand more to gain from the experience than just money. I start my day and work alongside one of the members of the team depending on what tasks are going on each day. I join the morning meetings that start on Wednesday mornings at 8a central time where we discuss how the week’s start went and what else there is left to do before the end of the week. I spent most of the first week with Luke, who works fully remotely. Luke is working to mature the cybersecurity program by implementing SOAR. He is currently shopping for vendors or considering the open-source tool “The Hive”. It appears that we are leaning towards using automation built into Logpoint, as that is the SIEM being used. It showed me how some of the systems are implemented and how they are tailored to meet the client’s needs. Digital Wave had many different services that they offered companies. For example, they had a third-party Information Technology team that would handle tickets created by other companies that they had been contracted with. They also had a network setup option as well as Network assessments that would test the network’s security.

After Shadowing Luke for a week, I was put under a team that did Endpoint detection and response systems. As I did not have any certifications they did not have me do anything very technical for the client. Although they didn’t want me to handle any detections, they did have me help verify if there were any deployment gaps and present an Excel file showing what devices were covered by their RMM tool, Automate, and their EDR tool, SentinelOne. They also made it my objective to look into a report in the mailbox for our company and the company that we were working with had possible phishing emails sent to them. They first taught me how to spot a phishing email and gave me strict instructions on not clicking on any links or attachments. The main reason that they gave was that if I clicked on any links or attachments to let our Information Technology department they could lock my account and run a scan on my computer so that there isn’t any malware or keylogging software on the device. My team first showed me how to spot an email by looking at the grammar in the text to see if there were any large errors. The second thing to look for was to look at the links sent in the email. In Outlook, you can hover over the link without clicking on it and it will tell you the full link of the email. This was incredibly useful for Docusign phishing emails as it showed a false link compared to how a normal Docusign link would look like. These first two weeks went by quickly and I am excited to see what else I could learn.