Every college student has a worry of not being able to find an internship for the summer. An internship can provide real world experience and perspective into a field that interests you, but it can be exceptionally difficult to find the right internship that will ultimately pave a path to finding a job after college.
Before the summer of 2018, TrustedSec did not offer an internship program, but I was lucky enough to be the first to have the unique opportunity. Through my college, I was able to find a Professor who I respected greatly, and he mentored me through my college career. My mentor reached out to TrustedSec and was able to land me an interview. Though I got an interview with someone’s help, that didn’t secure me the job. An interview is just a foot in the door—after that, an employer needs evidence that you are fit for their company and that you meet the qualifications they expect from an applicant.
Personal Background and Experience
Let’s start with a little about my background and how I got in to the information security field. I joined the military straight out of high school and worked in a field that had almost no interaction with security or technology. When I finished my time in the military, I decided to attend Dakota State University for its Cyber Operations bachelor’s degree program. My first summer, I paid for my Pentesting With Kali (PWK) labs and received my Offensive Security Certified Pentester (OSCP) certification at the beginning of the next semester. Throughout the following semesters, I was actively involved with computer and security organizations around campus and participated in Capture the Flag (CTF) events online.
My story is just a single unique experience. There were some takeaways from my experience though—I had chosen a college with a recognized cyber security program, and while a degree is often not required in the information security field, it can still help set you apart from other individuals. The OSCP is a recognized certification throughout the industry and it is a great way to learn the basics and get started with security. CTF events can teach a wide range of skills from binary exploitation to network forensics and everything in between.
The best thing about doing an internship with TrustedSec is the intelligent people with whom you work. The internship was focused on working with the research team on projects that could help our consultants do their jobs more effectively. I worked directly under Carlos Perez (@darkoperator), who has many years of experience in Windows, Linux, PowerShell, and other related topics.
Working on the research team allowed me to learn about a wide variety of topics that I would not have had access to otherwise. The first thing that I worked on was implementing an antivirus payload testing lab so security consultants could test individual payloads and validate whether or not they will be flagged as malicious. Developing automated scripts and tools can help make things easier on an engagement, so I also worked on developing aggressor scripts for Cobalt Strike.
In addition to working with the research team, I had the opportunity to shadow some of the senior pentesters and see the methodology that they perform on both external and internal engagements. Toward the end of the internship, I gave an internal presentation on a tool that the research team was developing, which give me experience in presenting to a group of people. Lastly, I was able to travel to the BlackHat security conference in Las Vegas to help with the training class that TrustedSec hosts.
Throughout these experiences, I gained one skill set that is often forgotten as students prepare to enter the workforce: soft skills. I developed my ability to effectively write and communicate with teammates and clients, and I even gave presentations to groups of people. These skills can be challenging to acquire, but they are necessary for anyone wanting to get into security consulting.
Working at TrustedSec
Upon completion of the internship, I was given the opportunity to work full-time at TrustedSec as a Security Consultant. In this role, I now interact directly with customers and work on both Internal and External Penetration Tests.
Senior Security Consultant Adam Compton covered a similar topic in his blog post here, which may be helpful in gaining the necessary skills to apply as an intern.
How you can apply for an Internship
Prior to the summer of 2018, TrustedSec did not offer an internship program. Through industry connections, TrustedSec has had the opportunity to meet new prospects and bring on new interns. TrustedSec is currently in the process of finalizing a formal internship program for applicants. Please watch our social media accounts, email subscriptions or website for forthcoming details.