Security Operation Center Intern

Security Operation Center Intern

Responsibilities Analyze security detection alerts, identify potential security incidents, and assist in root cause analysis. Discover, assess, and handle security risks from attack events, and provide appropriate response suggestions. Support the optimization of internal security detection systems by updating alert rules based on internal event analysis and threat intelligence. Analyze cyber threats from network traffic, security logs, and threat intelligence sources. Assist in security incident response, including investigation, impact assessment, remediation tracking, and post-incident review. Support red team and blue team security drills, including detection, policy optimization, and capability improvement. Respond to internal alerts from security systems and help identify high-risk vulnerabilities. Track vulnerability remediation for company assets and provide actionable security guidance to asset owners. Participate in security research related to attack techniques, defense strategies, detection rules, and threat intelligence. Requirements Strong ability to write professional security documents, including vulnerability notices, incident reports, and remediation guidance. Understand common security vulnerabilities and attacker techniques, such as webshells, local privilege escalation, backdoors, and common web attacks. Familiar with basic operations of Windows and Linux systems. Basic understanding of databases, web application services, and network security concepts. Proficient in at least one programming language, such as Python, Java, PHP, or Go. Familiar with SQL and able to write basic queries. Understand the basic mechanisms and practical usage of security systems and products such as SIEM, Honeypot, Sandbox, HIDS, WAF, and Splunk. Strong analytical thinking, learning ability, and sense of responsibility. Nice to Have Experience in red team / blue team drills, CTF competitions, or real-world security operations. Experience with AI-related security research or AI-assisted threat analysis. Familiarity with vulnerability scanning, log analysis, traffic analysis, or incident response workflows. Experience writing detection rules or using security tools in practical scenarios.