Around the SOC in 40 Days

Around the SOC in 40 Days

Musings of a Cybersecurity Intern

It was a bizarre series of events that led me to apply for the Jan 2022 Ingalls SOC Internship. Although some of the interesting points of that journey will not be covered here, you’re going to be taken through a wee bit of backstory.

I had originally learned of Ingalls Information Security when completing a Fellowship in the summer of 2021. Primarily, I noticed they had a wicked logo. The kind where your brain automatically plays a sound whenever you see it. Aside from that, between GRC meetings Brandi Pickett's name was excitedly used in hushed, reverent tones during conversations with my team members. Being preoccupied with my own inexperience, involved in a project that was research-intensive, and focused on delivering results, I made a mental note of those things and carried on.

At the least, it was very clear that Ingalls was a coveted company to work for. Having now had the pleasure these past few months, I wholeheartedly agree.

Let's back up just a little bit though. You see, in 2019 while living in Hawaii, I had decided to begin a career in cybersecurity shortly before the world changed and words like "mask-ne'' and "covid" became everyday horrors. During the world's longest relocation back to the East Coast -officially living in hotels or on planes from June to September- I fervently sought out and dug into any resource I could, in order to grasp the vastness of the digital world I had decided to jump into. The culmination of this was a "working knowledge" of C++, Python, AWS Cloud, and an abundance of exposure to various LMS or LMS-like platforms such as THM, HTB, Udemy, A Cloud Guru, Cybrary, INE, Coursera, and O'Reilly. My podcast and YouTube subs soon transmogrified into  IT, cyber, and information security. It wasn’t long before my resume and newly embraced LinkedIn profile had small upgrades like CompTIA A+, Sec+, ITIL4, CPO, and some really exciting buzzwords.

Naturally, I thought I had a pretty good grasp of things and maybe what I wanted to do. “I’m totally going Red Team, or like becoming a totally leet programmer” ~ past Jess, 2020/2021.
 ...yeah...totally.

By this time we had bought a home and settled into whatever qualified as a routine. As a military spouse, I had excellent assistance available for beginning a new career in earnest. I worked to build my resume into something slightly less laughable and then interviewed for the aforementioned Fellowship program run by Hiring Our Heroes. Being accepted into that program opened the doors to interviews with companies that were looking to support the military community with opportunities and meaningful employment.

Now fully surrounded by professionals, it wasn't long before I became painfully aware of how much I still did not know, and would likely never fully understand. Still, I persisted, there was only the way forward.

“...Do or do not…” as a magic talking lima bean-looking dude once said.

I had several interviews and by the end of them, was extended an offer for my first real experience in cybersecurity. Those making the offer were of course made aware of my lack of technical skills, as I made it part of my appeal as a candidate.

Lack of technical skills…That's a trait I love leaning into; My later interview with Ingalls would confirm this.

So the months flew by, and my new network grew, as did my knowledge. It was a challenging and rewarding experience. Once my Fellowship ended I began preparing for  Cisco CyberOps (CCNA). The future was still uncertain, but by then I finally KNEW I was on the right path.

One random sleepless night while scrolling the LinkedIn feed, I saw an Ingalls post about the SOC Internship Program. Ingalls!

I hemmed, I hawed, and ultimately decided to risk success by applying. To be chosen as a candidate was a far-fetched dream since I was neither local nor enrolled in a college program for cybersecurity.


“But it’s Ingalls! Carpe la vida loca!” ~ past Jess, 2021.

To this day I’m certain someone misread my resume or accidentally wrote my name down in a green-lit column. But they offered me an Internship and I accepted, meeting my fellow candidate, Candace Respress,  shortly thereafter.

Okay, the thing you need to know about Candace is that when people look up “the bee’s knees” in definitions, she is the official example.

We quickly got on and made our Intern Pact to always have each others’ backs. Whether subject to phishing campaigns, lost down a rabbit hole, having a blank moment, or just having a bad day, our sacred oath provided immediate stability in an unknown land. Turns out it was great to have, but the whole dang team at Ingalls apparently operates that way too. Candace and I did stick together, though. Thus, Candica was formed.

Over the first few days of meeting the team, I learned communication styles and found a natural comradery within the SOC. I also had the chance to reconnect with Michael Lozoya, whom I had met prior during my Fellowship program. Mariel Klosterman, who was just finishing up her Internship, gave us the lay of the land. We three (Candace, Mariel, and I) began the tradition of a weekly touch-base to assess the week’s wins and opportunities, in order to refresh the next week’s focus. This would evolve into Cyber Nightcap, which is a story for another day and audience.

The importance of being earnest without losing your humor is essential here, as is a fundamentally curious mindset, and willingness to “roll up your sleeves”.  During my Internship, I sought to learn the ropes, even if it felt like I could be strangled by them. The sheer panic at trying to absorb all the tools and processes at once definitely provided experience for the latter.  It was this feeling, and noticing that others had felt this way during their internships, that led me to begin the SOC Survival Guide, which seeks to be a simplified resource for anyone just starting out, but who lacks the technical experience a traditional T1 would have.

I also had the pleasure of my first attempt at a Security Advisory Notice from the Veeam Server RCE CVEs. Apparently, it didn’t completely stink, and happily many eyes were able to review it and provide the necessary details and polish for an actual release. The Security Advisory Notices are published to help our clients stay up to date on any threats that could impact their environment. These Advisory Notices are just one more reason why Ingalls demonstrates excellence in the cybersecurity industry. To have been able to contribute to that effort was rewarding.

Look at me do, little lima bean dude!

Outside of the SOC day-to-day, the constant dives into threat detection research, and completing the Internship research and writing assignments (which it should be noted were incredibly beneficial and fun to dive into), I sought to connect with other leaders and teams within Ingalls. It was in this pursuit I learned of Viewpoint, which reawakened my love of design,  and I began working with Unity and C# on my own time. Having had a prior go at Unreal and C++, the transition has been fairly smooth. I hope to properly bring that set of skills up to snuff enough to contribute to the project. Viewpoint, fully realized, could impact more than we realize. I find the possibilities invigorating.

I also had the opportunity to connect with Brandi, which, considering my prior exposure was limited to conversations during my Fellowship, was a bit like meeting a unicorn.  I learned that she had once led the SOC, and about her path into Government Programs. That sentence, of course, cannot convey the journey she has had appropriately, which could be an article unto itself. Her ability to bring experience from different fields into perfecting her role and pushing Ingalls forward is outstanding. I look forward to participating in that area as well, when possible.

Throughout my internship, engaging with other areas of the business was encouraged, enlightening, and I would argue, critical. At the very least understanding how the facets of Ingalls make the crown, has been beneficial.  

Let’s do all the things!

Inside the SOC exists an area dedicated to the client experience. In between aggregating chaos, working with engineering to polish the client portal, building get-well plans, and the occasional after-hours bourbon, we find Kris Brochhausen. I have recently begun pestering him to learn more about what goes on with this focus area, providing him unsolicited feedback and learning how tasks are accomplished. Ensuring that the client experience from initial sales, through engineering, SOC handoff, and long-term care goes smoothly requires streamlined communication and processes. Having a dedicated function focused on customer advocacy ensures the highest standards are met, and I am fascinated to see this process in action.

As is life, I have encountered distinct moments of failure and moments of success during my time as an intern. The “lesson learned” moments will always sting, but I have only grown from them. I have found that moments of success are often because of teamwork and that Ingalls as a whole celebrates those wins with genuine enthusiasm. If this is all starting to sound cult-ish, I will only say this: having a leadership team that truly puts people first makes it hard not to be a devotee.

There are so many experiences and lessons from my time as a SOC Intern with Ingalls. From shadowing IRs, owning up to my shortcomings openly (and growing from that ownership rather than wallowing in the error), appreciating the weight the upper echelon carries for the teams, and pelting everyone everywhere with questions or random polls within internal communications, it has been illuminating.

Suffice it to say every Intern will have their own experience.

For those who undertake this opportunity with enthusiasm and a sheer willingness to fall flat on their face, it will be a rewarding one. I highly recommend taking notes that summarize your wins, worries, and tasks each week; doing so will document your growth. In addition to tolerating my lack of technical prowess, the SOC embraced what I could immediately bring to the table, and fed me the tools to succeed. Or rather, they welcomed me to the table, allowed me to consume as much information as I desired while showing me how to use the utensils, and also maintain a healthy focus on my life outside of work.  For these reasons,  I didn’t think twice when offered a full-time position here at Ingalls. So here I am, having been around the SOC in 40 days, looking forward to the next creative way I get to disillusion Cyrus Robinson and pursue my career in cybersecurity with wild abandon.

“Prost!” - present Jess, 2022.


Summer Internship Program Now Open

Have you thought about a career in cybersecurity? Ever daydreamed about sleuth-level mastery the likes of Charlotte Justice, Easy Rawlins, or Veronica Mars... or perhaps captivated by the show Mr. Robot, national news like the SolarWinds breach, or the topic of election security? Ingalls Security Operations Center (SOC) Analyst 2022 summer internship may be for you!  Check out the job posting for our internship program to learn more!  


Ingalls Information Security 

Ingalls Information Security understands cybersecurity.  Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks. 

If you’d like to learn more please contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have.

 

About the Author
Jessica Willoughby, A+, Sec+, CPO, ITIL4

Jessica is a freshly-minted Cybersecurity Analyst with a background in project management and client services. Operating with a passion to build trust between the technical and non-technical relationships in cyber and information security, she utilizes her talent of bridging gaps in communication and organization with the intent of creating content of value.

Share :

Sign Up For Network Security News