Internship Reflection
The internship experience at InfusionPoints has been an amazing experience filled with lots of learning opportunities, amazing people and new connections. Throughout my 10 weeks in the program, I have noticed considerable advancements in my knowledge of cybersecurity and marketing fields. The internship has taught me many valuable lessons to transfer into the professional space such as, always be learning, do not be afraid to ask questions, and never give up when something is not going your way. Working alongside these cybersecurity professionals has been eye-opening and an amazing opportunity. One of my favorite parts about this internship is the emphasis that InfusionPoints puts on learning and constantly looking to enhance your skill set. This is an important value to have because the cybersecurity field rapidly changes and InfusionPoints is always one step ahead of the curve by promoting constant education within this field.
During the internship the interns and I had an opportunity to spend 2 weeks with each department at InfusionPoints. For my first rotation, I had the opportunity to work with the Security Operations (SOC) team. During this rotation I got to learn valuable lessons about threat hunting, threat analysis and log monitoring. Using the MITRE ATT&CK framework, I was able to locate TTPs (Techniques, Tactics and Procedures) for recent security breaches and understand threat actor’s behaviors, tactics and procedures. After finding the TTPs for the attack, I dove into finding some IOCs from this specific threat group. Using Google, I was able to attain some IP addresses and .exe files that are associated with this threat group. I was then able to shadow a SOC analyst while we looked for these indicators of compromise within our environments.
The 2nd rotation I joined was Cloud Operations, during which I worked on standard operating procedures (SOPs) for firewall configuration and user management within AWS. Working on these SOPs helped me grasp how to provision users within active directory and configure firewalls using AWS Firewall Manager. During this time, I learned in more detail how to manage users on AWS Workspaces and maintain healthy instances of workspaces. During this rotation I also learned more about vulnerability scans, how to launch scans and how to document the results.
For my 3rd rotation I was able to job shadow the Advisory team. This rotation taught me so much about FedRAMP compliance standards and how to advise customers on the requirements for an ATO. I was able to listen to gap assessment interviews with customers and learn how to properly conduct them. Learning the FedRAMP controls was a challenge, but really helped me comprehend the importance of having a secure environment and what security controls make that possible. I was able to review these security controls by reading a gap workbook for compliance. Reviewing these security controls really helped to round out my knowledge of what I previously learned in the SOC and in CloudOps because it showed me why we have standard operating procedures and proper policies in place to enhance security.
For the 4th and final rotation, I was able to join the engineering team. During this rotation I was able to work on using Terraform to build out an AWS environment that included a database, autoscaling groups, load balancers and EC2 instances running an Apache web server. I was also able to learn more about variables and tfvars files usages in Terraform when meeting with my peers. I was also able to work on Html and Python programming languages during this rotation using hands-on learning. The highlight of this rotation was being able to see the new Command Center development, my co-workers were able to walk me through most of the development process and show which AWS services Command Center operates with. The most fascinating part of this product was the concept of automation behind every new development.
The internship concluded with getting my Solutions Architect certification, meeting lots of new connections in the professional space and learning so much about the cybersecurity field. The highlight at the final part of this internship was collaborating with the interns to make a project to automate emergency calls within AWS in case of a nationwide outage. We were able to present this project on the final day of the internship and showcase what we had been working on. I am very grateful to have been a part of this internship program and to have the opportunity to work with this amazing company. My future goals after the conclusion of this internship are to complete my bachelor’s degrees in Cybersecurity and Marketing at Appalachian State University, attain my CySA+ certification and dive headfirst into the cybersecurity workforce. I cannot thank everyone at this company enough for this opportunity and for all the help they have given me.