CYSE 368

Cybersecurity Internship

Cybersecurity Internship Experience – Cyber Incident Response

During this course, I had the opportunity to use my current role as a Cyber Incident Responder as my internship experience. The class focused on applying academic knowledge to real-world environments, allowing students to reflect on professional growth and practical skills gained throughout the semester. My experience took place while working under a contractor supporting the Defense Commissary Agency, where I contributed to cybersecurity operations that protect systems used across U.S. military commissaries. Over the course of the semester, I worked with real network data, security tools, and incident workflows, which made this experience stand out compared to traditional classroom assignments.

One of the most impactful aspects of this experience was participating in daily cybersecurity operations, particularly analyzing logs, investigating suspicious activity, and managing security tickets. I worked with tools such as Splunk and Palo Alto platforms to monitor network behavior, identify potential threats, and review user activity. I also handled tasks such as scanning for unauthorized wireless devices, reviewing intrusion prevention system (IPS) alerts, and assisting with vulnerability management through CVE analysis and patch coordination. This hands-on experience required me to think critically, interpret large amounts of data, and make informed decisions about whether activity was malicious or normal. Unlike simulated assignments, this work involved real systems and real consequences, which made accuracy and attention to detail extremely important.

Through this experience, I developed and practiced several important skills and values. One of the most significant skills I strengthened was analytical thinking. Investigating alerts and reviewing logs required me to identify patterns, recognize anomalies, and draw conclusions based on limited information. I also improved my technical skills, particularly in log analysis, network monitoring, and understanding how security tools function in a real environment. In addition to technical growth, I developed strong communication and documentation skills. Updating tickets and explaining findings to users or team members required me to clearly communicate technical information in a way that others could understand. This experience also reinforced the value of patience and attention to detail, as many tasks involved reviewing repetitive data and carefully verifying information to avoid mistakes.

This internship experience directly supports my personal and professional goals in cybersecurity. My long-term goal is to work in incident response or digital forensics, and this role gave me a realistic view of what that career path involves. It helped me understand how cybersecurity operations function on a daily basis and what skills are required to succeed in the field. Moving forward, I will use the knowledge gained from this experience to improve my technical abilities, continue developing my analytical skills, and pursue more advanced roles in cybersecurity.

The evidence of this experience is reflected in the work I completed throughout the semester. This includes ticket updates, log analysis reports, vulnerability assessments, and documentation related to security investigations. These artifacts demonstrate my ability to apply cybersecurity concepts in a real-world environment and show the progression of my skills over time.

Artifact Inventory

  • Security ticket updates and documentation
  • Log analysis work (Splunk queries and findings)
  • IPS alert investigations
  • CVE review and patch coordination notes
  • Wireless device scanning records
  • Browsing activity investigation summaries
  • Tabletop simulation participation notes

The reflections and final essay will be the artifacts for this class.