Securing an Internship
After passing the CompTIA Security+ in January of 2021, I begin to consider what my next steps would be. Deciding that since I was a current college student, it was time to secure my first internship that would provide the hands-on learning experience in Information Security (Infosec) that was needed. Most people are not aware that internships can be listed on their resumes and help to secure an entry-level position as they are viewed as on the job experience. It helped me to secure my first Infosec/GRC job position only a month after completing the internship that I attended.
The Process of Securing the Internship
Under a post that I made on Twitter about passing the Security+ exam, I talked about my next step would be to secure an internship with several people. The first internship I did was for Cover6 solutions with Tyrone E. Wilson This led to an opportunity to be an assistant speaker with him for the Black in Cyber(BIC) conference and a presenter for the D.C. Cyberwarriors meetup with my fellow TechSecChix friend Koshanna Evans entitled “I passed the Security+, Now what?”..
The next internship that was secured was with Florida Blue and was the result from one of their current employees Paul Linger reaching out to me via Twitter dm’s and submitting my resume to his company’s’ recruiter. After completing the interview process among myself and many others, I found out that I was the only candidate that was chosen for the summer 2021 cybersecurity internship program which was exciting for a black woman in tech.
The Internship Experience
The first half of the internship was with the GRC/Risk Management team and taught me about how to read and understand risk registers, NIST and ISO standards, and third-party vendor methods. Being able to sit in on calls that taught me important information that a GRC department is responsible for securing or creating the policies and baselines that the business should follow to increase the overall security posture.
The second half of the internship was with the application security department and dealt more with the internal processes for applications. We did research on apps that were not approved in the organization but were requested for use by users within the internal network. I had to write reports on findings and created SOP’s (Standard Operating Procedure) and documentation on how to take a new app from the start into production steps.
Securing the Job
All the experience that I received helped me to narrow down what area in information security I wanted to go in and I chose the GRC area. It prompted me to do more outside learning from school to make myself more knowledgeable to industry standards that I would need to know. These two factors combined led to me securing my first GRC position where I can spearhead projects along with learning and growing within the company. If I had not participated in that internship, I am not sure that I would have gotten the results that I did with my job search.