Security Internship Program

About the Program

The Security Internship Program is an opportunity for current UC Berkeley career staff to work alongside the Information Security Office (ISO).

  • ISO will reimburse the home department for the percentage of time spent with our office.  
  • Salary, classification, benefits, and paid-time-off accruals will remain the same. 
  • Timesheet:  The home department will continue to be responsible for the intern's timesheet, with input from ISO.
  • Vacation Requests: Intern will submit a request by emailing both managers.  Upon email approval, the intern will record the time off in Caltime.

**Now Accepting Applications for Security Developer Internship. Apply by Nov. 30**

Applicant Checklist

  1. Read about the internship below.
  2. Meet with your manager to seek support for applying for the internship.
  3. Submit an online application and email your resume to iso@berkeley.edu.
  4. If you have any questions about the program please contact Casey Hennig.

Benefits 

For staff, the internship is an opportunity for current Berkeley employees to develop a professional skill set in the information security domain and achieve breadth and depth of knowledge in the field. Interns will strengthen their career path potential, network with new colleagues, and contribute to the campus mission.

Specifically, staff will learn:

  • Security concepts and established campus procedures to ensure appropriate incident response.

  • Security incident status and workflows.

  • Research and analysis of security alerts. 

  • Security configuration of campus IT systems.

  • Incident response.

For departments, in addition to the cost savings, interns will bring back knowledge of security practices and standards to the home department.


Security Developer Internship

Departmental Overview

The Information Security Office (ISO) coordinates the risk management process for UC Berkeley's information systems and directs campus-wide efforts to adequately secure Institutional Data. ISO is led by the Chief Information Security Officer and consists of five teams: CalNet (Identity Management), Policy Program Management, Security Operations, Development and Engineering, and Security Assessments.

Responsibilities

The ISO teams are a close-knit group of talented information security professionals performing critical identity and access management and information security functions for the Campus. The Development and Engineering and Security Operations teams perform critical functions to promote the security of the campus network, including intrusion monitoring/detection, firewall management, vulnerability scanning, incident/breach response, and network registration. 

This internship will be working directly with the Security Developers. The Intern will contribute to the success of the campus Information Security program by contributing to the development of our Incident processing, Asset registration and Metric applications.

Outcomes of Internship

  • Knowledge of secure software development, including UI design, testing, and debugging.

  • New or improved skills: Ruby on Rails, Rubymine, git/github, Postgresql, Javascript.

  • Advanced knowledge of ISO Security Incident processing and Asset registration.

Key responsibilities include:

  • Participating in design and problem-solving discussions for new features.

  • Assisting Security Developers with reviewing, prioritizing, and assigning development work related to application development projects.

  • Coding, testing, and debugging software features (under the guidance of senior software developers).  

  • Participating in code review of software features.

In addition, the Security Interns are encouraged to complete an information security training course; either a general course or one focusing on a specific platform or specialty within information security.

Required Qualifications

The successful candidate will have the following skills and experience:

  • Self-motivated and works independently and as part of a team. Able to learn effectively and meet deadlines.  Able to work collaboratively, to give and receive constructive criticism, including participating in code reviews.  

  • Experience in web application development.  Preferred languages/tools: Ruby on Rails, Javascript, SQL, git.  General understanding of object-oriented programming concepts, software testing, and version control.

  • Demonstrated interpersonal skills such as problem-solving and knowledge-sharing.  Proficient written and oral communication skills, including the ability to gather and interpret requirements from both technical and non-technical audiences.

Work Hours and Conditions

Under a memorandum of understanding (MOU) between ISO and the home department, the Security Intern will maintain their current appointment, including job classification and salary. Additional conditions:

  • The internship will last between 6-12 months at 50% FTE (a minimum of 9 months at 50% is preferred but ISO is flexible based on operational needs of the home department).

  • Interns must obtain permission from their immediate supervisor and department manager.

  • There must be a plan to cover the workload in the home department during the internship.

Work performed as part of the internship will be completed offsite according to an established telecommuting agreement. Tasks specific to the internship should not be performed while working within the home department; however, the knowledge gained with the ISO teams enhances information security work within the home department.