Cybersecurity Consultation Services Internship Program

Description

This program is designed to empower participants with the skills and knowledge necessary to contribute effectively to the field of cybersecurity, particularly in application security and penetration testing.

Scope

Participants should be capable to:

1. Performing penetration testing to identify and exploit vulnerabilities in various applications.
2. Conduct vulnerability scans on networks and systems to identify and analyze potential security weaknesses.
3. Conducting comprehensive application security assessments and code reviews to ensure software security from the ground up.
4. Assist and participate in governance and compliance assessments.

Responsibilities

1. Engage with team members to learn and apply penetration testing techniques.
2. Develop technical recommendations for improving security postures based on the results of penetration tests.
3. Operate vulnerability scanning tools to identify security weaknesses in the organizations’ network, systems, and applications.
4. Participate in threat modeling exercises which involve identifying potential threats to the organization’s assets, such as systems, data, and software. Use standard methodologies like STRIDE to systematically assess security threats.
5. Assist in ensuring that the organizations comply with relevant industry regulations and standards that influence risk assessments and security policies.
6. Conduct code reviews and security assessments for existing applications.
7. Work on actual projects, applying cybersecurity practices in real-world scenarios.
8. Assist in the creation of comprehensive reports on security testing outcomes.
9. Learn and engage in building governance frameworks to manage cybersecurity risks.

Requirements

Basic understanding of cybersecurity principles and application security.

1. Deep understanding of system and network security mechanisms, including firewalls, intrusion detection systems, and encryption technologies.
2. Familiarity with penetration testing tools and techniques.
3. Familiarity with Cybersecurity threat modleing, SAST and DAST concepts
4. Security tools and frameworks: Familiarity with security tools and frameworks commonly used in penetration testing and vulnerability assessment, such as Metasploit, Nmap, Wireshark, Burp Suite is highly desirable.
5. Knowledge of security standards such as ISO 27001, NIST, and CIS benchmarks that guide governance processes.
6. Ability to read and understand code in languages such as Java, Python, or C++.
7. Understanding of secure coding practices and the software development lifecycle.
8. Ability to work collaboratively in a team environment.