Security Internship Program

About the Program

The Security Internship Program is an opportunity for current Berkeley employees to work alongside the Information Security and Assessments & Compliance teams.

  • The Information Security and Policy Office will reimburse the home department for the percentage of time spent with ISP.  
  • Salary, classification, benefits and paid time-off accruals will remain the same. 
  • Timesheet:  The home department will continue to be responsible for the intern's timesheet,  with input from ISP
  • Vacation Requests: Intern will submit request by emailing both managers.  Upon email approval, the intern will record the time off in Caltime.

Application period closed on March 1, 2019.
We will reach out to applicants with additional information 
by March 15.

Benefits 

For staff, the internship is an opportunity for current Berkeley employees to develop a professional skillset in the information security domain and achieve breadth and depth of knowledge in the field. Interns will strengthen their career path potential, network with new colleagues, and contribute to the campus mission.

Specifically staff will learn:

  • Security concepts and established campus procedures to ensure appropriate incident response

  • Security incident status and workflows

  • Research and analysis of security alerts 

  • Security configuration of campus IT systems

  • Incident response

For departments, interns will bring back knowledge of security practices and standards to the home department.

Applicant Checklist

  1. Read about the internship below.
  2. Meet with your manager to seek support for applying for the internship.
  3. Prepare resume and submit online application.
  4. If you have any questions about the program please contact Casey Hennig.

Departmental Overview

The Information Security and Policy office (ISP) coordinates the risk management process for UC Berkeley's information systems and directs campus-wide efforts to adequately secure institutional data. ISP is led by the Chief Information Security Officer and consists of four teams: Assessments & Compliance, Operations, IS Policy, and Identity and Access Management. The Security Intern will work with both the Operations and Assessments & Compliance teams.

Responsibilities

The Information Security Operations and Assessments & Compliance teams are a close-knit group of talented information security professionals performing critical information security functions for the institution. The Operations team performs critical functions to promote the security of the campus network, including intrusion monitoring/detection, firewall management, vulnerability scanning, incident/breach response, and network registration. The Assessments & Compliance team delivers information security assessments and manages compliance activities, to assist campus units in meeting a variety of internal and regulatory data security obligations.

The Information Security Intern will contribute to the success of the campus Information Security program by supporting specific operational work, projects, and new initiatives within ISP. This work will vary with department needs.

Examples of potential responsibilities include:

  • Performing product evaluations as part of vendor selection for enterprise wide vulnerability management software
  • Managing vulnerability scanning jobs and analyzing scan results for actionable findings
  • Developing public documentation for information security services offered to the campus
  • Performing data collection and management tasks during implementation of new GRC tools and processes
  • Researching new and emerging threats to campus electronic systems and recommending specific actions to campus IT support staff

In addition, the Security Interns will be expected to complete two (2) information security training courses, one general and one focusing on a specific platform or specialty within information security.

Required Qualifications

The successful candidate will have a thorough knowledge of many of the following areas:

  • Strong general IT knowledge and experience, including support, troubleshooting, and security best practices for a variety of desktop/server operating systems and software
  • Strong interest in information security and desire to pursue career growth in this exciting field
  • Familiarity with, or ability to learn, UC Berkeley campus and system-wide (Office of the President) security policies and standards
  • Strong written and verbal communication skills, and ability to effectively communicate across a broad range of campus audiences

Work Hours and Conditions

Under a memorandum of understanding (MOU) between ISP and the home department, the Security Intern will maintain their current appointment, including job classification and salary. Additional conditions:

  • Internship will last between 4-6 months at 25-50% FTE (6 months at 50% is preferred but ISP is flexible based on operational needs of the home department)
  • Interns must obtain permission from their immediate supervisor and department manager
  • There must be a plan to cover workload in the home department during the internship

Work performed as part of the internship should be completed either onsite with ISP (Warren Hall) or offsite according to an established telecommuting agreement. Tasks specific to the internship should not be performed while working within the home department; however, the knowledge gained with the ISP teams enhances information security work within the home department.