CYSE 368

Cybersecurity Internship Final Paper

Posted by jmcco031 on

This summer, I have been undertaking an internship with Virginia529, which has provided me with valuable insights and hands-on experience in cybersecurity. With this internship I was provided the opportunity to be an Information Security Analyst intern to help assist and learn with their security team. I chose this internship with the organization because of my prior familiarity with the company and a solid understanding of its work environment. My three primary learning objectives that were put in place for me during this internship was analyze and reconcile data in security solutions such as Security Information and Event Management (SIEM) and Breach and Attack Simulation (BAS) Platform, create documentation and diagrams for information security processes, and assist the team with the fulfillment of additional requests and projects as needed. 

History of Company

Virginia529 is a state agency that started off as a business for college savings plans in 1996. Since the business has grown to more than college savings. Virginia529 is the biggest college savings plan in the country.They now have added more programs like ABLEnow, SOARVirginia, and retirepath. The education savings part of our company is called Invest529. They have two highly rated programs which are Invest529 and the advisors-sold College America. Invest529 accounts are ways that  families can save for educational expenses in a tax-advantaged account. They used to have Prepaid529 which is what my family got for me as a child. That account was when families would put money into the account for undergraduate in-state tuition where they would match the amount that was in the account, but due to the rise of college tuition it was in the company’s best interest to do away with this program. ABLEnow was created for people with disabilities where they could save without losing their public benefits which was launched in 2016. Then two years later ABLEAmerica was opened as the first ABLE program through financial advisors in the country. SOAR Virginia is their program that supports organizations across the state in making higher education more affordable through the SOAR Scholars program, mentoring, and coaching, and career and technical training. This program is only available for high school students that are in the program to help prepare them for post-high school education through advising and they will receive up to $2,000 that will be put in an Invest529 scholarship account. Retirepath is a retirement savings program that opened in 2023 to give access for retirement savings to build more economic security. This program is primarily for small businesses that can’t  afford retirement plans for their employees to give them a more affordable way to give that option. 

My First Day 

My first day was a wave of excitement and nervousness. My first day started on May 20, 2024. When arriving the group of interns were greeted with gifts of items from the company like pens, cups, frisbee, etc. They started off with activities for us interns to get to know each other which I liked because it took some of the nerves off. When they started the presentation they started with telling us about the programs and what Virginia529 is. After completing the presentation we were then taken on a tour of the building to get all of us familiar with the building and the ins and outs. After we were then taken to get our work computers which was a little complicated. That is due to the fact of trying to get us access to all softwares we needed. It took IT Operations to have to restart a server because the server wasn’t getting the login request. During the time for them to fix the problem one of my new coworkers came in to give all of us interns security training. This was to show the do’s and don’ts of what to do to keep the information we have access to safe. After the IT Operations intern and myself had to sit through additional training due to the fact that we are in IT. After all that we were fed lunch by the company, and that is where we first met our managers. They sat and ate with us and got to talk to them on a more personal level than about work. They did this because the only time we had talked to them was through the interview and wanted us to create a connection with them. At the time my manager was out of the office so Tasha the Information Security Analyst II came to eat lunch with me. After lunch was over we headed back to finish with our laptops and went back with our managers. Tasha showed me all of the work that she did and told me about the team. They were a team of 7 with people with all different skills. She also gave me a more detailed tour of the IT department. My favorite part I think I liked was that the security department is based off of Batman. They have a room called the Batcave which is where our Security Engineers are. They have the lights dimmed and have no windows. Don,  who is the highest level ranked security engineer, was there and told me they used the cameras from outside so they could see some part of the world outside that room. In there they also have a station where you can do forensics imaging which I thought was so cool because I took a digital forensics class where I learned about it. For the rest of the day I was sitting doing agency training that is required that had emergency situation plans, money loitering, etc. The interns were also required to do an additional security training on our own that was given out by the IT security team. My first impression of the first day was that I felt like I belonged there. Meeting other employees and just the happy and open atmosphere made my day filled with nerves more relaxing. All of the information I got from the people in my department gave me a promising feeling that I had picked the right career path and that I would learn a lot during the summer. 

Management Environment

The management of a company is an important part of running a business because without management it would just be unorganized and could cause the company to fail. I think that Virginia’s management is really good and the growth they have had throughout the years shows. Within my department our Director is Rosario. What I like most about her is that she allows her team to give inputs in all projects we work on. Just because she has had more experience than the rest of the team she values our input. I liked this because in the work environment I felt heard and that my thoughts had value. She has implemented a daily meeting that the team has to join everyday called Gotham Daily to get our day started. This meeting starts off with her high energy telling us all good morning. After she goes through each team member and asks what we have on our calendar for the day and they work we will be working on to get done for the day. I like this because it makes me think of the goals I want to accomplish for the day. After we have a question of the day to get our brains thinking and prepared for the day. Then ends the meeting with saying “Have a great weekend” which is an inside joke that they got me in on once joining the team. Even though she is my manager she is not the only one supervising me. Depending on the task that I was given by a team member that would be the person I would go to for questions because Rosario can’t answer all of my questions. The rest of the team has been a great help to me even with us going through audit season which can be a very stressful time. With getting guidance and tasks from everyone on the team it has given me many different perspectives that I wouldn’t have thought of by just taking classes. 

Work Duties

The first major project that I was assigned was a Risk Assessment Spreadsheet. In this spreadsheet I created different sheets within one document with the different softwares we use like Banner, Banner Web, Perceptive, etc. In this document I had to list different risks that could potentially harm the daily operations of our company. I had to use SEC530 which is  an Information Security Standard that we use to stay in good standing with the auditors. With that document I would have to determine the risk vulnerability family and describe the risk it could have and what we have in place if that risk were to occur. This was a very stressful project for me because it was a big project and this would be sent off to the auditors for review. It was very encouraging when I was working on it and my director Rosario had a meeting to review what I had done, and she told me I was doing a good job. With this I had other team members that are more on the governance side help me because I was only in my second week of working there and didn’t know all the systems well. I had to do my own research on what the softwares did. I think the one assignment that helped me complete this assignment faster was that in my first week I was given the task to read SEC530 which was almost 300 pages, and had to read through and find any policy that was mentioned in the document. After creating the list I then had to compare it to the policies we had and make notes on the policies we didn’t have implemented into our systems. After creating the list I then gave it to a coworker to further review if that was a policy we needed in place for the company. One thing I can say I did a lot of was making spreadsheets and comparing lists. They wanted to use my Excel skills that I acquired by receiving a certification in Microsoft 365. The next assignments I breezed through which were using  tenable, splunk, Hx, Aura, and other softwares to compare to our servers and workstations list to make sure devices are being scanned and on the softwares we implemented to scan our devices. A fun task I was given was being able to pick email templates that I wanted to use and set up for the phishing email to be sent out to the company for training. With this if an employee falls for the email they will then be tasked to take training on ways to spot phishing. I think this one is really fun because I like seeing if other employees fall for the bait I have sent out through phishing. I was taught how to do a SOC 2 Review which is where I have to do a detailed review on a software someone has requested that they think will help the production of the company. After being shown how to do it I was tasked with doing a SOC 2 Review on a software we already had which was Box, but the employee wanted the add ons which were Box Shield and Box Relay. The reason I was tasked with this review was because a SOC 2 had already been done for Box. I just had to add extra examples which they thought would be easy for my first one. Due to the fact that I took digital forensics classes at Old Dominion they then taught me how to use their forensics machine to do forensics imaging on hardware. This was probably one of my favorite things because it was something I was fascinated with. I try to do about two a day and then I give them back to IT Operations so they can rebuild the computer for someone else to have. The day I learned how to do them I was sitting with the IT Operations Intern and watched how the work I completed then transferred to him and watched a little on how he built the computer. I have two big projects that I’m currently still working on. The first one is I am the project lead for the M365 Review and I created a Jira board which is a software we use to keep track of the many tasks we have for the project. For this project I work with Tasha, Don, and Corey from IT Operations to go through a security review given by Gartner, Inc. We then see and review to see if each of the steps we need to implement into our system. The next project that I have a big part in is working with the security system engineers to make playbook animations. The first task that we have been working on for this is trying to take out any emails that are sent with QR codes because they are something we don’t need within the company, and are mostly phishing emails. With this our Systems Engineer II has been teaching me how to use Splunk to help make our playbooks. This has been very fascinating to me because I’ve still been trying to learn more of the technical side at my workplace and at school. Some things I didn’t understand in my class Thomas has made simpler ways for me to figure out the problems or questions I had. Most of the work I’ve done during this internship is read and review and I have loved every second of it. With all of the work I have completed I have learned that I want to use my degree for more of the governance side of security instead of the technical side. I do hope I am fortunate enough to find a workplace like Virginia529 where I can do both governance and some technical work too like everyone on the team . 

Skills and Knowledge

Skills that I had prior to this internship that I used a lot were my certifications I obtained in high school for the different Microsoft softwares. I really used my attention to detail skills to make my work as organized as possible for them to easily navigate through my work. I think a skill I learned was my listening and typing skills. That was something I had to do a lot in meetings where I led and they were telling me information to add to my document which is a skill I didn’t have to do much of in my lifetime. 

ODU Curriculum Preparation

I think Old Dominion prepared me well for the tasks I had to do during this internship. I think that it prepared me knowledge wise for what I do, but actually doing the work is something that the curriculum couldn’t teach and I needed to physically do it to understand what I learned. I think what I immediately knew related to what I learned was forensics imaging. This is because everything that I did during my digital forensics class I got to physically do and not just a simulation that was on my computer. I do think the simulation helped me, but it was way cooler physically doing it. The policy class that I took has also helped me a lot because most of the work that I complete on a daily basis for my internship deals with policies which I am thankful for. I think working with the engineers really helped me understand what I was learning in my technical classes because those were classes I struggled more with understanding, but having a little background knowledge really did help me not start from scratch. 

Outcome of Objectives

The first objective is to analyze and reconcile data in security solutions such as Security Information and Event Management (SIEM) and Breach and Attack Simulation (BAS) Platform is something that I have to do on a daily basis to complete my work. An assignment I’ve had to use using SIEM is utilizing Splunk and having to watch the system for an unusual activity that happens on our systems. I have also got training in Picus which is a Breach and Attack Simulation Platform where we have testers and run common breaches on our systems to see where we are vulnerable. After the simulation I got tasked with having to go over and flag certain outcomes I thought were really suspicious and could harm the company. The second objective is to create documentation and diagrams for information security processes. I have done this by the many different spreadsheets, security review templates, and diagrams that have been used in big projects, and which also give me a better understanding on the security operations my team does  on a daily basis to keep our company safe. The third objective assists the team with the fulfillment of additional requests and projects as needed I think was fulfilled. With the times where I didn’t have work at the moment I asked around in ways I could help. For example, I helped Tasha with watching security videos to implement the criteria we have to teach every year for our security awareness month training in October. Right now I am helping my coworker Erik with making a spreadsheet for the COV Standard to see what we have implemented into our security. There are many ways I have helped and the team makes it known how much the work I have done has really helped them with their operations. 

Parts that Inspire and Discourage

I think the most motivating part of having this internship is that it has made me more confident in changing my major from engineering to cybersecurity. I have a very hard time with change but this is a change I think I have felt the most confident about. While completing my task I think what motivates me more is that how my coworkers uplift me and tell me how well I have been doing with my work and how much of a help I have been to their team. I also think the harder projects that they have been giving me also shows me that they trust my skills and the knowledge I have to complete the tasks that are given to me. More recently I had to talk in a meeting with the CEO and Directors under the CEO to show the work that I have done to assist the security team, and how impressed they were by the level of my work. Rosario has also asked me to stay for the first half of the fiscal year as of now because she knows I am graduating in December and will touch base to see my plans after. This was such a big accomplishment to me, and tells me to keep pushing forward. I think that the most discouraging thing I would say I faced was myself. I doubted myself so much that I wasn’t confident in my work and took for them to say how well I did to build my confidence. I still face self doubt even with how far ahead I am, but I’m not gonna let that stop me. Work wise I would say something that was more discouraging was the fact I didn’t know some of the technical terms or the programming that I had to use for the playbook animations. I didn’t let this set me back. I just asked more questions and they broke it down for me to understand. I think the most challenging aspect is trying to catch up and learn all of the softwares we use. Sometimes in meetings they just talk and it’s hard for me to catch up and try to figure out what they are saying or trying to keep up with going through the software because they all know how to use it since they have been using the system longer than I have. 

Future Intern Recommendations

For a future internship the first thing I would tell them is to stay confident. Do as many technical training your school offers like capture the flag and other events. Also staying up to date on IT Breaches and software upgrade enhancements. One thing we do a lot is discuss what breaches have happened and talk about them to see if we as an organization have been affected. I would also say if you can work in a spreadsheet to get used to the operations because that is a software we use quite often to stay organized with our work. I think there were times where I felt overwhelmed with the amount of work I had because everyone on the team doesn’t know all the work each team member has asked you to help on so just speak up if it becomes too much. They won’t get upset because this is a learning experience for you to get a taste of what this career would be like.

Conclusion

   My main take away from this is that you just need to believe in yourself and everything else you do will fall in line. Asking plenty of questions, and trying to learn as much as possible is what internships are all about to make yourself better. This will influence the rest of my college experience because it solidified my choice with picking my major and telling me to speak up where I feel stuck and it’s okay to not know something. This internship has shown me what I want to look for in a company’s environment and team because if you find people that believe in you, you will believe in yourself. I also like the small team environment because you don’t get stuck in one position for the rest of your career and are more flexible to do different things. I would highly recommend this internship to others and once you find what you want, stick to it.

Leave a Reply

Your email address will not be published. Required fields are marked *