My internship during the summer I am working at Virginia529. Virginia529 has been known for years as a place for college savings, but over the years they have added new programs like AbleNow for people with disabilities and RetirePath for small businesses that don’t have retirement plans to give their employees an option. We are located at 9001 Arboretum Parkway, North Chesterfield, VA 23236. The picture I placed in this reflection is a picture of the office. I work in the office Mondays, Thursdays, and Fridays. The other two days I get to work at home which has its perks. The second picture I have added is a picture of my desk and the third picture is the name plate I was given for my desk. My desk is with the IT Security team and the Development team. I like that we are provided a stand up desk instead of the regular cubicles like the rest of the building. This past week I got taught how to do forensics imaging. They do this because they copy all of the hardware before giving it back to IT Operations for them to refurbish the computers. That part wasn’t really explained to me so I’m not sure. The next thing I learned was how to go into Splunk to go over the incident review. Here is where anything that happens with our systems like a new user created, or new passwords, etc. are placed for the team to review. They assigned me with the task of going through Splunk to find any alert where there was a new user created and had to use our help desk system to find the ticket to approve that the request was actually there and I can dismiss it. At the end of the week Tami, who is the Security Analyst l, showed me and the other new analyst that transferred from IT Operations how to do a SOC review. After showing us she assigned me the task of doing the review for two add ons within a software named Box. It was very easy for me because we already have Box so the information would be the same, but she just wanted me to read over it and get a feel for it. I had to contact the contract administrator within our company to get a bridge letter and any other security information they had about their software. A bridge letter is used for if their security plan has not changed but to let the company know that their information and data are still protected.