My Experience as Skillsoft’s Cybersecurity Intern

Hello, I’m Declan Cady, a rising junior at the University of Tampa, double majoring in Cybersecurity and Management Information Systems (MIS) with a minor in Criminology/Criminal Justice. This summer, I had the unique opportunity to intern at Skillsoft, a company that, for the first time, hired digital and IT interns. As the inaugural cybersecurity intern, I was eager to dive into this dynamic field and gain hands-on experience. Over the course of the internship, I learned about the daily operations of a cybersecurity team and took on several automation projects that allowed me to contribute meaningfully to the company’s IT infrastructure.

Meeting the Cybersecurity Team

One of the most rewarding aspects of my internship was meeting various members of the cybersecurity team and participating in Knowledge Transfer (KT) sessions. These sessions were instrumental in understanding the day-to-day operations and responsibilities within different cybersecurity domains, such as Governance, Risk, and Compliance (GRC), Platform Engineering, and Vulnerability and Threat Management. Each team member provided insights into their roles, the policies they follow, and the tools they utilize.

During these sessions, I had the chance to ask questions, gather information, and discuss how I could contribute to their work. This open communication helped me build a strong foundation of knowledge and identify areas where I could make a tangible impact. The team members shared valuable resources and encouraged me to explore further, which greatly enhanced my learning experience.

Following the KT sessions, I had weekly shadowing sessions with each cybersecurity team member to dive deeper into their duties and observe their tasks. These shadowing sessions were crucial as they provided real-world context for the knowledge I gained during the KT sessions. They also helped me grasp the dynamic nature of cybersecurity work and highlighted the importance of teamwork and continuous learning in this field.

The combined knowledge transfer (KT) and shadowing sessions were very informative, covering a broad range of topics. In Platform Engineering, I learned about key practices for endpoint security, security information and event management (SIEM), and network security, all of which are crucial for maintaining a secure and resilient IT infrastructure. In Vulnerability and Threat Management, the sessions focused on the process of managing vulnerabilities, understanding the associated processes, and conducting risk assessments, which are essential for identifying and mitigating potential security threats. Lastly, in Governance, Risk, and Compliance (GRC), I gained valuable insights into audits and compliance processes, procedure documentation, risk management, and various compliance frameworks. Understanding these frameworks and compliance requirements is crucial for meeting industry standards and regulatory obligations.

Cybersecurity Operations and Tools

Throughout my internship, I became familiar with various tools and platforms vital to modern cybersecurity operations. Some of the key resources I used include:

• Identity Management and Threat Detection: I became proficient in managing identities, detecting threats, and overseeing security events through comprehensive security information and event management (SIEM) practices.
• Service Request Management: I effectively managed service requests and learned the entire workflow from both user and administrative perspectives by working with advanced ticketing systems in different environments.
• Automation: I leveraged automation platforms to streamline IT processes and create workflows that significantly enhanced operational efficiency.
• Vulnerability Management: I conducted vulnerability assessments and managed potential threats, gaining valuable insights into proactive threat management and risk mitigation strategies.
• Network Security: I learned how to implement security policies at the network level, focusing on preventing internet-based threats right from the initial access point.
• Access Management: I familiarized myself with the process of managing user permissions and administrative controls to ensure secure access across the organization.
• Project Management: By adopting the Agile methodology, I completed projects in sprints and applied Scrum principles, using project management tools to track progress and maintain an organized, productive workflow.

Automation Capstone Project

My capstone project focused on creating an automated access management process for a commonly used application suite. I collaborated with two other interns in the Productivity and Automation/Integration teams within the Infrastructure, Operations, and Common Services department. Our goal was to identify tasks that could be automated to improve efficiency, working closely with the Service Desk, Security, and Service Management/Network teams. Automating application access management had been a topic of discussion for some time, and my team and I eagerly took on the challenge of developing a holistic workflow for this process.

To achieve this, I obtained certifications that equipped me with the skills to build automation processes, integrating various platforms and APIs. The purpose of access management is to ensure that only authorized users have access to specific resources, enhancing security, compliance, and operational efficiency. Automating this process reduces manual effort and the potential for human error, while providing employees with timely access to necessary tools, ultimately boosting productivity. We selected this particular application suite due to its variety of licenses, making it a beneficial project with potential for replication across other applications within the company.

We utilized several platforms for this project. The first platform we used allowed us to manage access requests efficiently, ensuring they were tracked, managed, and resolved in a timely manner. We created an access request form that gathered essential information and specified the licenses being requested. Automation tools within this platform enabled us to set up triggers to detect incoming access request tickets, assign and categorize them appropriately, validate email addresses, and send approval requests to the employee’s manager.

Another platform we used was designed for more advanced automation needs beyond the capabilities of our initial tools. We used this platform to automate the process of adding employees to specific licensing groups based on the access requests submitted, while also checking for errors. The process involved triggering a webhook after the manager’s approval, which integrated with the automation recipe we created. This recipe included steps such as extracting values from the access request form and assigning the employee to the appropriate licensing group. Lastly, the employee received an email indicating whether an error occurred or confirming their successful addition to the group.

Upon completing the automation, we underwent a change control process, which involved documenting, raising, and reviewing changes to current IT operations. Once approved, we implemented the workflow, streamlining access management and paving the way for future automation projects.

Individual Cybersecurity Projects

In addition to the collaborative aspects of the automation project, I worked on individual projects to enhance cybersecurity processes:

1. Blocked Website Report Automation: When employees attempted to access a blocked website, they could report the issue by providing their details. This report would be sent to our service management platform. I automated the process to change the requester field to the actual requester’s email address, auto-assign these tickets to the Security team, and send an auto-response to gather all necessary information for an approval decision. This streamlined the process, allowing the Security team to address requests promptly without waiting for manual intervention from the Service Desk.
2. Security-Related Ticket Categorization: I developed an automation that scanned for security-related terms within ticket subjects and descriptions, and automatically assigned and categorized these tickets to the security team. To make the categorization more specific, I created a condition for each security subcategory (Security Incident, Vulnerability, and Audit). For example, if the term detected relates to audits, then it would pass through the initial conditions and be subcategorized under “Audit.” Additionally, this automation involved coding a non-case sensitive operation to search for all variations of terms like “phish,” providing comprehensive detection without manually listing every possible variation (e.g., “PHISH,” “phisHING,” “phished”). This automation improved the efficiency and accuracy of the ticket triage process.

Similar to the capstone project, I had to undergo a change control process for both automations. After completing this necessary step, I worked with managers across different teams to fully integrate these automations from the testing environment to the production environment. Now, these processes ensure that all security incidents are handled quickly and accurately, which is crucial for mitigating risks and maintaining the integrity of the company’s IT infrastructure.

Professional Development

Beyond technical skills and projects, Skillsoft provided numerous opportunities for professional development. I participated in Lunch & Learn sessions where I gained insights into other departments and interacted with key figures like the CIO, the Automation team, and the SVP of Product Management. These sessions were invaluable in understanding the broader context of the organization and the significance of our work. For instance, all of the interns created a presentation for the SVP of Product Management, offering feedback to improve Skillsoft’s training platform. This goes to show how intern contributions can influence larger company projects.

Additionally, I familiarized myself with the company’s IT Standard Operating Procedures (SOPs), covering key areas such as security, automation, project management, and general IT operations. I reviewed policies and procedures related to information security, vulnerability and threat management, incident response, and risk assessment and management. This comprehensive overview provided me with valuable insights into how the security department manages and executes its operations.

Conclusion

My internship at Skillsoft was an enriching experience that provided me with practical skills, professional insights, and a deeper understanding of the cybersecurity landscape. From hands-on projects and certifications to collaborative sessions and professional development opportunities, I feel well-prepared for a future career in cybersecurity. I am grateful for this pivotal moment in my career and the chance to contribute to Skillsoft’s initiatives. I am excited to continue building on this foundation, applying what I’ve learned while exploring new challenges in the field.