Security Internship Program

About the Program

The Security Internship Program is an opportunity for current UC Berkeley career staff to work alongside the Information Security Office teams.

  • The Information Security Office (ISO) will reimburse the home department for the percentage of time spent with ISO.  
  • Salary, classification, benefits and paid time-off accruals will remain the same. 
  • Timesheet:  The home department will continue to be responsible for the intern's timesheet,  with input from ISO
  • Vacation Requests: Intern will submit a request by emailing both managers.  Upon email approval, the intern will record the time off in Caltime.

*Applications for Assessments Internship are Closed*

Applicant Checklist

  1. Read about the internship below.
  2. Meet with your manager to seek support for applying for the internship.
  3. Submit an online application and email your resume to iso@berkeley.edu.
  4. Learn more from our first intern in this article
  5. If you have any questions about the program please contact Casey Hennig.

Benefits 

For staff, the internship is an opportunity for current Berkeley employees to develop a professional skill set in the information security domain and achieve breadth and depth of knowledge in the field. Interns will strengthen their career path potential, network with new colleagues, and contribute to the campus mission.

Specifically, staff will learn:

  • Security concepts and established campus procedures to ensure appropriate incident response

  • Security incident status and workflows

  • Research and analysis of security alerts 

  • Security configuration of campus IT systems

  • Incident response

For departments, interns will bring back knowledge of security practices and standards to the home department.


Departmental Overview

The Information Security Office (ISO) coordinates the risk management process for UC Berkeley's information systems and directs campus-wide efforts to adequately secure Institutional Data. ISO is led by the Chief Information Security Officer and consists of five teams: Policy Program Management, Service Management, Security Operations, Development and Engineering, and Security Assessments.

Responsibilities

The ISO teams are a close-knit group of talented information security professionals performing critical identity and access management and information security functions for the Campus. The Development and Engineering and Security Operations teams perform critical functions to promote the security of the campus network, including intrusion monitoring/detection, firewall management, vulnerability scanning, incident/breach response, and network registration. The Policy and Security Assessments teams deliver information security assessments and manage compliance activities, to assist campus units in meeting a variety of internal and regulatory data security obligations. 

This internship position will be working directly with the Security Assessments team. The Intern will contribute to the success of the campus Information Security program by supporting specific operational work, projects, and new initiatives within ISO. This work will vary with department needs.

Examples of potential responsibilities include:

  • Assist Assessment Team security analysts with collecting documentation and reviewing evidence for various assessment engagements, such as vendor security reviews, campus policy assessments for high-risk applications, and consulting with campus researchers to meet regulatory and data-provider requirements.

  • Help the Assessments Team to migrate engagement processes to a new platform.

  • Develop public documentation for information security services offered to the campus.

  • Develop tools for campus researchers to more easily implement security controls for the sensitive data they are responsible for.

  • Assist with performing data collection and application administration tasks to support the implementation of new GRC tools and processes

In addition, the Security Interns will be expected to complete an information security training course; either a general course or one focusing on a specific platform or specialty within information security.

Required Qualifications

In addition to being a current UC Berkeley career staff employee. The successful candidate will have knowledge of many of the following areas:

  • Strong general IT knowledge and experience, including support, troubleshooting, and security best practices for a variety of desktop/server operating systems and software

  • Strong interest in information security and desire to pursue career growth in this exciting field

  • Familiarity with, or ability to learn, UC Berkeley campus and system-wide (Office of the President) security policies and standards

  • Strong written and verbal communication skills, and the ability to effectively communicate across a broad range of campus audiences

Work Hours and Conditions

Under a memorandum of understanding (MOU) between ISO and the home department, the Staff Security Intern will maintain their current appointment, including job classification and salary. Additional conditions:

  • The internship will last between 4-6 months at 25-50% FTE (6 months at 50% is preferred but ISO is flexible based on operational needs of the home department)

  • Interns must obtain permission from their immediate supervisor and department manager

  • There must be a plan to cover workload in the home department during the internship

Work performed as part of the internship should be completed offsite according to an established telecommuting agreement. Tasks specific to the internship should not be performed while working within the home department; however, the knowledge gained with the ISO teams enhances information security work within the home department.