Internships are a good way to bring multiple benefits to a company. One can train potential full-time employees and can boost the employees' leadership skills. One can also gain new perspectives through interns who come with innovative ideas and original points of view. And, let’s not forget the promotion of the business among potential jobseekers.
We needed to recruit Cyber Analysts for our team. We could either do it the old-fashioned way, recruit for the position, wait for months until the perfect candidates came forward…or use another approach to find quality employees: an internship. We chose the latter, for several reasons.
The recruitment process was much quicker than your typical one for a full-time employee. We used an internship recruitment platform and searched for cybersecurity graduates or final-year students. This guaranteed we had candidates with a passion for this field. Also, we figured it is more productive to offer the training to several candidates at once, so that was one more plus for the entire process.
We filtered candidates based on their grades and other projects or internships they had already completed. We had interview sessions with each one of them.
We selected 10 interns. The duration of the internship is 6 months.
The internship started on January 3rd, 2023. The interns were presented with the possibility to join the team full-time, based on their performance by the end of the program.
This program is split in half: the first 3 months focus on the training delivered by the team leads and other members of the team. This process gave us more insight into each candidate's passions and strengths.
They were observed during this process as they acquired new information and interacted with other team members, and they were given light tasks to gain real work experience. These 3 months also had another benefit for the interns: synergy with several other seasoned team members. Interns were added to ongoing projects for research and other tasks such as alert checks, false-positive analysis, CVE newsletters and recommendations.
The entire approach to the interns' acclimation is geared towards making sure that the ones that choose us as their next employer will already know their team members and will already be familiar with the work environment.
The training provided prepared our newest team members for monitoring and analyzing Endpoint Detection and Response (EDR) alerts (Carbon Black, Sophos, SentinelOne, Microsoft Defender), network logs, Lightweight Directory Access Protocol (LDAP) logs, cloud data (Microsoft O365, AWS), and Intrusion Detection System (IDS) logs. The specific Cyber Analyst (CA) tasks also included a walkthrough of our in-house platform, Indicators of Compromise (IoC) analysis and reporting, and IP and network understanding.
The remaining 3 months allow the interns to settle into the regular tasks, along with the possibility to participate in the many projects undertaken by the team: log integration, Quality Assurance (QA), automation, incident response, purple teaming, penetration testing, AWS security, IDS, MITRE ATT&CK Framework, documentation.
We’re 3 months into this process. We absolutely love it. It was a fantastic idea, and we are happy with the results.
We have taken very seriously our responsibility in shaping young minds and exposing trainees to healthy business values. The interns have always been encouraged to voice their concerns and opinions about the process.
With that in mind, we wanted to share with the world their experiences at Gradient Cyber and how this internship is viewed through their eyes:
“At Gradient Cyber, we are taught to create reports and check logs, having a proper exposure to work and developing into top cybersecurity experts. Our leads advise us and assist us whenever we need. This experience is very educational.” – Sakshi J.
“Working with the team at Gradient Cyber has been an invaluable experience for me as an intern. Their dedication to staying on top of the latest threats and their commitment to providing top-notch service to their clients has been impressive. I have had the opportunity to observe the team in action, as they monitor and analyze logs in real-time to identify potential threats and take proactive measures to mitigate risks.” – Tarun S.
“I have already learned many things about blue teaming, threat monitoring, IDS, Firewall, internal traffic, LDAP, and many other topics and the usage of different tools related to these topics. Currently I am working on Active Directory, Carbon Black, Cisco AMP, Microsoft 365, internal traffic, IDS, and anomalies.” – Aniket K.
Considering these positive experiences with our internship program, we will definitely repeat this process when needed in the future. If you need more information about this program, please feel free to contact us.