Join the team
SOCBOX is an exciting and fast-growing cybersecurity company headquartered in San Diego! Our interns are training to become cybersecurity analysts, who are a vital part of our team. You’ll gain more experience in 3 months than an average analyst will in a whole year!
Interns will be working from a Security Operations Center analyzing attacker behavior and methodologies, for either a 6-month or 12-month internship. You’ll be trained to search for anomalies and data breaches. When suspicious behavior is detected, you will research, verify, and document the incidents. These are then communicated to the IT department and direction is provided on remediation. This position has a unique schedule, with 12-hour shifts. This schedule would mean 3 days on/4 days off, then 4 days on/3 days off for alternating weeks. Two shifts are available:
Shift A: 12AM — 12PM
Shift B: 12PM — 12AM
We are looking for candidates who like to work in a team environment and who know how to communicate and document well. Candidates should be trustworthy, honest, moral and focused on doing what is best for the client. We need self-motivated professionals; we are a team of A-players only and we look forward to expanding that team.
- Must be a U.S. Citizen in possession of a valid U.S. passport
- Must consent to regular background checks and drug testing.
- Willing to work rotating shifts
- Experience or knowledge in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks, and one or more of the following:
- Knowledge of computer intrusion analysis and incident response
- Intrusion detection
- Knowledge and understanding of network devices, multiple operating systems, and secure architectures
- Working knowledge of network protocols and common services such as DNS, FTP, email, TCP/ICMP/UDP
- System log analysis
- Understanding of network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Understanding of managing, responding to and resolving situations caused by network attacks
- Experience using current monitoring technologies such as SourceFire-SNORT, ArcSight, NetScout, Rapid7, FireEye, etc.
- Ability to assess information of network threats such as scans, computer viruses or complex attacks
- Understanding of NIDS (Network IDS) and HIDS (Host-based IDS)
- Working knowledge of WAN/LAN concepts and technologies
- Working knowledge of Linux/Unix, including scripting, and basic system administration.
- Knowledge of signature development
- IDS/IPS Signature Analysis, Development and Testing
- SIEM content Analysis, Development and Testing
- Familiarity with packet analysis to include:
- HTTP Headers & Status codes
- SMTP Traffic & Status codes
- FTP Traffic & Status Codes
- DNS Queries
- PKI Certificate Exchange
- Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science, or
- Industry certifications, or
- Related field or equivalent combination of education and experience.