Cybersecurity Internship Journal 1

 I was able to get accepted for my summer internship with Valdez International Corporation on May 16, 2022, on their Airforce Contract at Langley Airforce base in Hampton, Virginia. Valdez International Corporation is Woman Owned Small Business (WOSB) that delivers enterprise IT solutions and services supporting critical missions of the Department of Defense, Intelligence Community, Department of Interior and other commercial clients. They also specialize in cyber operations and security; application services and support and I was glad to be part of their cyber operations and security team. My internship job was Network Administrator working with the Vulnerability management team performing security scans using Nessus as a tool. On my first day at the job site, I was introduced to the team and worked on trainings that are required for me to perform my job. My first week was filled with working on trainings and shadowing my co-workers learning what they do and what role I will be performing. My job responsibilities were building custom scans, providing vulnerability scanning assessment to in an enterprise of more than 3000 users, installation, and configurations of scans and as well as providing both executive and technical reports. I had to take a training on ACAS which refers to Assured Compliance Assessment Solution which is the mandated enterprise that does vulnerability scanning capability for networks and components that are owned and operated by the Department of Defense (DoD). Nessus is the scanning component of ACAS that is in compliance with the CVE (Common Vulnerability and Exposures) and DISA STIGs.  At the end of my first week, I was able to complete or required trainings and learn more about my position and job responsibility.

I look forward to what the rest of week will bring since there are a lot to learn and perform in my role. The team that I will be working with have been extremely helpful guiding and teaching me as I have questions about some of the tasks that I am responsible for.

Cybersecurity Internship Journal 2

Justice Gideon

CYSE 368

Old Dominion University

My internship with Valdez International Corporation would be possible without the help of my supervisor.  In my first week I was introduced to my Supervisor, Josias Sop. He oversaw the Vulnerability management office with several teams under his care, the team under his care and supervisorship were the Patching, Host Based Security System (HBSS), Assured Compliance Assessment Solutions (ACAS) and Network Monitoring teams respectively. Mr. Sop was my point of contact for the duration of my internship. Mr. Sop had been with Valdez for over four (4) years now and has held the lead role for about the same time. He is an experienced Information Technology and Cybersecurity subject matter expert who is well vex in the systems security and vulnerability management. I was so grateful to have started my internship with Valdez on this contract as they were in the process of a big yearly audits and the vulnerability management office was very key to the success of the audit. I was given an assignment to do a review of scans and create reports for the Information assurance (IA) team to ensure that all identified vulnerabilities are resolved meeting the threshold to pass the audit. It was a such a tedious work because it requires a lot of attention to details and critical thinking. As this was my very first attempt at doing this, I relied on the rest of the team to ensure I was doing the right thing while also self-identifying some of the solutions and trying as much as possible to be independent so as not to slow my colleagues down. The audit is usually two weeks long, but my department was able to help the reduce the time by being on time with their portion of the audit. After the audit, I was able to interview one of my colleagues who is the work center lead for the ACAS team I was interning with. My interviewee’s name is Jordan Shepherd, who is also a United States Navy Reservist with over 7 years of IT background with the United States Navy. I asked him these two interviewing questions, and below is his response to my question:

  • What is the most important knowledge, skills, and abilities needed by someone in this field?

The field being cyber security, I believe the most important skill and knowledge to possess is understanding the environment in which you work and how all the pieces of a network interact, knowing the purpose and function of all the small moving pieces in a network is vital to keeping it secure.

  • What would good entry-level jobs for gaining experience to become Lead Vulnerability Management Analyst.

Help desk positions are a great entry-level job when getting into the field of IT, as you get the experience of interacting with and assisting a customer in a timely manner, it helps improve vital skills such as expedient trouble shooting, phone and email etiquette, and working with a ticketing system. Which are skills you will use throughout your entire career.   

Cybersecurity Internship Journal 3

Justice Gideon

CYSE 368

Old Dominion University

After over six weeks of internship, the life of an intern was one of the most memorable parts of my journey to become a cybersecurity professional because of the opportunities presented to me during the internship. I learned so much from the vulnerability management office and gained some practical experiences for my future career as a cybersecurity professional. I went into the internship with an open mind, ready and willing to accept any challenges that may come. I did experience lots of challenges that sharpened my knowledge and gave me various sets of skills that can be applicable in my future career. From the first day of the internship through the final week, I have had the privilege of knowing some great cybersecurity professionals who mentored me through the internship. When I did not know how to apply some of the knowledge gained from school, these great mentors were able to guide and teach me in ways that I could understand. One example was when I had to resolve a work ticket with networking and port problems. I struggled to find solutions for my customer; however, through the intervention of one of my teams, who took the time to example the concepts to me, I resolved the ticket, and the customer was happy. That was just one example of the many challenges during my internship. At the end of my internship, I can confidently say that I have gained a lot of working experience in vulnerability management and can perform roles as a Vulnerability management analyst. Some skills I am proficient in are generating both executive and technical reports, building custom scans, performing scans, and creating various ACAS accounts for any user or as determined by the leadership. I was also privileged to have an opportunity to interview one of my colleagues, Luke Johnson, a retired United States Airforce with over eight years of IT background with the United States Airforce. I asked him these two interviewing questions, and below is his response to my question:

  • What are the most important knowledge, skills, and abilities needed by someone in this field?
  • Having a base knowledge of cybersecurity that should be covered by the certificates a job requires, and 2. knowing how to look for information. Most people have the base knowledge of how to use a program if they have time to click around and navigate it, but often, technicians will come up against specific questions and circumstances that are outside the day-to-day. Using documentation, looking up information online, or networking with the people you work with often solves these issues.
  • What would be an excellent entry-level job for gaining experience to become a Lead Vulnerability Management Analyst?

Good entry-level jobs for cybersecurity are as either help desk or as a client support technician, working on individual desktops. Both teach the basic knowledge, which can be easily fixed if you cause an issue. They also force technicians to work with both IT and non-IT personnel, giving perspective and experience dealing with both.