Security Operations, Intern

FIND YOUR BETTER AT AIA

If you believe in better, we'd love to hear from you.

About the Role

The Security Operations Intern will support the security team by identifying and driving opportunities for security automation, particularly in vulnerability assessment, compliance checking, and security operations reporting. The role involves collaborating with security, infrastructure, and development teams to develop and integrate automation scripts and respond to stakeholder queries under guidance. In parallel, the intern will also conduct various security assessments to identify vulnerabilities and analyse security issues and emerging threats to ensure timely remediation across platforms, databases, and applications, while contributing to cybersecurity projects and research initiatives.

Roles and Responsibilities:

• Identify area of opportunities for security automation to improve automation of security vulnerabilities activities, especially in vulnerability assessment and compliance checking.

• Take an active role in driving security automation activities with various stakeholders, including engagement with security team, infrastructure team, and developers. This includes creating & integrating the scripts, facilitating discussion, and responding questions from stakeholders, with guidance from the line manager.

• On top of driving the automation, this role will also perform an ad-hoc tasks of conducting security assessment to identify vulnerability, weaknesses, and potential exploits.

• Analyse security issues and identify potential threats. Monitor and manage security patches for platforms, databases, and applications, ensuring that vulnerabilities are addressed and remediated in a timely manner.

• Track and populate security operations metrics and reports, as well as automating the tracking process.

• Conduct research on emerging cybersecurity threats and vulnerabilities.

• Support the team in various cybersecurity projects and initiatives.

Job Requirements:

• General understanding of technology stack and information security concept

• Familiarity with basic AI prompt engineering, application scripting / automation platform, such as python, PowerShell, Power Automate, bash/shell script and data visualization / analytics platform, such as PowerBI, Tableau, Metabase.

• Basic knowledge of key cyber security processes, such as vulnerability scanning, and compliance checking and DevOps CI/CD pipeline practices.

• High enthusiasm, learning agility, and adaptability to learn cyber security process, tools, and framework.

Learning Outcomes:

• Ability and hands-on experiences to understand end-to-end process of how security vulnerabilities activities are conducted and automated, starting from assets identification, scanning, analyzing result, tracking, until remediation by custodian / issue owners.

• Teamwork, exposure, and experiences of having an interaction with various internal and external stakeholders, including with Security, Infrastructure, and Application Development Team. This would be useful in understanding security issues from multiple different stakeholders, both from the angle of technical and non-technical.

• Instructional and content design skills, as well as presentation and communication skills.