In this Intern Review, we hear from Michael Reed about what it's like working at Ingalls and what's next in his cybersecurity career journey.
Our Winter 2023 intern cohort has four determined interns who’ve joined us to learn what it’s like working in a Security Operations Center (SOC). Now that they’ve had a moment to breathe, we thought it was time to conduct an interview to learn about them and their experience inside the SOC at Ingalls!
Read on to hear from our intern, Michael Reed.
I have learned a lot about workflows and what daily life truly is like when working in a SOC, and I am certainly pleased with what has come out of it. Almost everything from this experience has been what I expected and I'm very happy to see that my skill set and my intuitive mindset matches well with a career in the security industry. The biggest revelation to me is that you don't need all these robust, expensive tools to get the best results in your incident response or your day-to-day activities. As the old saying goes, the simplest is usually the most effective, as well as a solid foundation of knowledge.
We always like to think that the most complex attacks are also the most devastating, but to me, it is all about how a threat actor can simply pose as a technician to gain access and control. The most interesting attack, to me, is social engineering. It is discreet and common, and it is easy to do with the right amount of information on an organization. That being said, my biggest take on phishing and social engineering is that we should be doing our part to ensure that there is efficient training and awareness being completed to protect organizational assets.
I came into this internship knowing what I wanted, how it would work, and what I would have to do in order to get there. It is hard work to get into cybersecurity, you put hundreds of hours into the industry and you put all of your resources and effort in so that you can gain the career and lifestyle that you want. But what was the most rewarding in this experience is that it has helped me see that I am not alone in thinking that there is always a learning curve. That's truly why I enjoy cybersecurity as an industry, it keeps me engaged and every day I learn something new. So if anything, I have been influenced to continue putting in that hard work and to continue to have fun doing what I love at heart.
I do this through a few ways. I personally use an RSS feed in order to keep up with threat intelligence happenings as well as cyber security news in general. Most notably, I pay attention to Dark Reading, MSSP Alert, and The Hacker News. I listen to a podcast every once in a while, but I personally prefer reading material.
Right now, I am studying for the CISSP Associate exam, and that is a challenging experience in itself. Once I have achieved that, my next goal will be to go for a GIAC certification, likely the GSOC. I have also considered completing the CEH and CTIA, but I'm keeping my path simple so that I can ensure I stay focused on what the present has for me. I also want to attend DEFCON or Black Hat in 2024, I attended the ISC2 Security Congress in October 2023, so I'm highly interested in continuing to have attendance in conferences in the future.
I usually go to the gym, but when I am not doing that, I enjoy playing Civilization VI and similar-style games. I also like playing Lego Star Wars, as well as other Lego-based adventure games. However, the big hobby I'm looking to get back into is golfing, I used to enjoy it all the time when I was young so I am going to be finding my way back onto the greenway eventually!
Are you interested in becoming one of our awesome interns? Check out our SOC Intern Yearbook and reach out to our team directly for more details.