Information Security Co-op

Become a part of the team responsible for literally thousands of computers, all of which are under constant attack from the internet. We need skilled people to help analyze emerging threats, detect hacking attempts, respond to machine compromises, and assist in analyzing the deluge of alerts to find and neutralize real threats on the network. Learn how malware threatens infrastructure, help design and monitor systems to track hackers and learn their techniques. Assist in incident response and digital forensics by doing detective work on compromised systems to find out how they were hacked, and how to lock the bad guys out. Construct firewalls and intrusion detection systems to alert administrators to threats. Look at live systems to find security vulnerabilities - hack the systems and develop fixes to vulnerabilities to better protect servers and applications. Don't just read about the latest virus or 0-day exploit - download the code, test and analyze it to truly understand it. Training will be provided, however prior knowledge of some fields is required. Experience in any of the following skill sets is desirable: linux/unix system administration, c/php/perl/python/shell programming, SQL, firewalls, cryptography, virtualization, tcp/ip networking.

Typical projects our co-ops work on range from intrusion detection system monitoring and incident response to security software and exploit development. The co-op opportunity in ISUS allows interns to become a full fledged member of our security team. We're seeking bright, self motivated individuals capable of carry out guided tasks as well as designing their own research. From running a honey pot and analyzing attack patterns to investigating malware propagation, the co-op is expected to come up with interesting, unique, experiments and projects to benefit ISUS and the Penn community. We strongly encourage open source research and try to contribute our findings back to the community.

The hardest step in a career in information security is your first job. Experience counts in the field and it's tough to find a position without having already had a job in infosec. The ISUS co-op opportunity will give you the experience and knowledge necessary to enter the exciting, dynamic, and challenging field of information security.

Job Responsibilities

The information security co-op is responsible for a number of day to day tasks that support the information security and unix systems (ISUS) group. These include, but are not limited to:

• Presenting weekly threat reports at staff meetings. These reports include new vulnerability and exploit announcements culled from mailing lists and news sources. These reports help administrators keep abreast of the changing security landscape and exposes the co-op to the cutting edge of information security.
• Monitoring intrusion detection system (IDS) alerts and investigating suspicious activity. This task includes coordinating with other ISUS staff to deploy and tune the IDS and responses. This task helps familiarize the co-op with our infrastructure as well as common threats facing the University systems.
• Assisting in product evaluation. This includes both open and closed source product deployment, staging, and testing. Often this involves writing best practice documentation or other reports. In the past this has also included assisting in developing custom installation scripts and MSI packages.

The co-op is also a vital part of the ISUS incident response team. Whenever an information security incident is detected the co-op will help with the analysis, response, and mitigation that follows. This involves digital forensics and analysis, brainstorming solutions, and examining failures in current information security architecture.

Additionally the co-op is responsible for designing independent research projects. These projects are developed in conjunction with the supervisor but the co-op is expected to develop and carry out the project unsupervised. These projects can range widely in scope and are only constrained by the resources of the information security lab and the fact that projects must be of some interest to SAS InfoSec.

Training is also provided to the co-op. This usually involves weekly lecture style learning as well as project exercises. These exercises are designed to be carried out independently by the co-op. They usually involve a capture the flag type scenario where the supervisor sets up a testing environment and the co-op is expected to discover, analyze and exploit vulnerabilities in that environment. Once the exercise is complete the co-op must present an analysis of the problems in the target systems and discuss potential solutions or mitigation to the types of vulnerabilities presented in the exercise.

Hiring Schedule

Our next hiring cycle will cover a position between the dates of September 21, 2009 to March 26, 2010. We will begin accepting applications May 21, 2009 and will be conducting interviews Thur- June 4 through Mon- July 6, 2009.