Cybersecurity Analyst Intern
IT Analyst (Cybersecurity) Internship
Location of position: Arlington, VA
Program Length: 10-week program from mid-June to mid-August (rising seniors preferred: Class of 2024)
Required for application: Resume, Cover Letter and Unofficial Transcript
Hours/Compensation: Summer Analysts are expected to work 40 hours per week and are competitively compensated
Office Requirement: Summer Analysts are expected to be onsite 2 days a week and can work from home 3 days a week
Cambridge Associates was founded in the early 1970s to assist nonprofit institutions with the investment of their endowment assets. Today, we provide investment management, financial planning and proprietary capital markets research to over 1000 clients including nonprofit institutions, private clients (families) and pension plans. The firm advises on assets in all asset categories, including equities, bonds, non-US investments, real estate, venture capital, hedge funds, leveraged buyout funds, oil and gas partnerships, and many other types of investments. We monitor the performance of nearly all major institutional investment managers and provide an advanced monitoring service for our clients to evaluate alternative assets managers such as venture capital and private equity.
Cambridge Associates has a staff of more than 1,100 professionals, including 200 Investment Directors and 150 Investment Associates, based in eight offices located in Arlington, Beijing, Boston, Dallas, London, Menlo Park, Singapore and Sydney. We select our employees with great attention to their potential to become valuable members of a collegial, intelligent and hard-working team.
The Analyst will provide a range of analytical skills to help drive security initiatives. The Analyst will work with security partners and internal technical teams to define security policies, standards, and procedures, deliver superior quality advice to our customers, and participate in initiatives implementation to ensure a successful outcome.
- Acquire broad understanding of the organization technology and information systems
- Acquire knowledge of the organization’s compliance requirements
- Define corporate security policies; work with technical teams on creating and maintaining network and infrastructure security procedures
- Participate in developing security configuration standards for network, servers, desktops, laptops, tablets, mobile phones, etc.
- Work with technical teams and security partners on designing and implementing processes for security monitoring, vulnerability management and incident management.
- Provide recommendations to technical teams on patch, configuration and change management processes
- Develop remediation plans for security risks and vulnerabilities
- Perform quarterly user access reviews and develop actions plans for anomalous access
- Participate in performing security assessment and assurance for all new system implementations prior to going live
- Participate in performing data classification and data discovery
- Participate in developing security awareness training materials for end users and technical teams
- Knowledge and experience with computer systems, applications, development, and testing methodologies
- Knowledge of industry standard methodologies and best practices (i.e. ITIL, System Development Life Cycle, etc.)
- Highly skilled in incorporating successful interviewing, facilitation, and documentation techniques within a project
- Excellent facilitation skills with bringing multiple groups together to agree on project scope and build consensus
- High-level of knowledge, experience and success with writing and reviewing test cases
- Able to work independently with minimal direction and guidance from project lead, consultant staff and manager.
- Strong process analysis and problem-solving skills
- Excellent communication skills including the ability to communicate effectively in both formal and informal contexts in a fashion tailored for the audience
- Affinity for technical writing and presenting – ability to formally document requirements, reach agreements with others, and explain detailed requirements to others as needed
- Capacity to discern patterns and interdependencies in complex business processes
- Capacity to focus on details, while effectively managing ambiguity
- Ability to work cooperatively in a collegial environment
- A bachelor’s degree
Knowledge and skills in the following technical areas will be a plus:
- Firewalls, IDS/IPS, network access control and network segmentation
- Router, switch and VLAN security; wireless security
- Penetration and vulnerability testing
- Cloud computing
- SaaS models
- Identity and access management principles
- SQL databases’ platforms
- Application security
- Encryption technologies