Project Title: Information Security Analyst/Developer Intern
Andrew Adams, Shane Filus, Derek Simmel
PSC, a national leader in data-intensive, high-performance computing, is perpetually striving to improve the security of its high-performance computing (HPC) resources and Cyberinfrastructure (CI). To this end, we are currently seeking undergraduate interns to collaborate with PSC staff on the development and implementation of information security tools, controls and techniques to enhance PSC’s security posture. Examples of possible projects include:
- Developing an asset inventory to be used for migration to a zero-trust architecture.
- Perform an asset-based risk assessment.
- Perform behavioral analysis over NetFlow or other layer-2, layer-3 or layer-4 networking data.
- Developing a database of logins to PSC resources, issuing alerts to the security team of authentications from new locations from the user’s profile and/or suspicious activity.
- Develop a database of PSC assets used for tracking, vulnerability scanning and remediation, scheduling and sending notifications, triggering events.
- Security software/system administration, including: auditing software packages, system configuration and hardening, converting PSC scripts to RPMs.
- Evaluate the features and performance of new security technologies.
- Develop a system to migrate internally hosted system configurations to external repos.
Research & Development Focus
- Improvement of security environment through analysis of data
- Enhance security environment through development of systems/tools
- Behavioral analysis
- Information security workflows & use-cases
- Security-minded students actively improve PSC’s cyberinfrastructure
- Required: some experience in Linux or BSD
- Required: some experience with Perl, Python or shell scripting
- Required: some knowledge of layer-2, layer-3 and TCP/IP networking
- Required: some knowledge of cryptographic operations, e.g., public-key, symmetric, hashes, and certificate creation & validation
- Desired: some experience with authentication and authorization, e.g., access-control lists, PAM, Kerberos, and LDAP
- Desired: some experience with security mechanisms, e.g., SSH, firewalls, intrusion detection systems, and vulnerability scanning
- Desired: some experience with identity and access management (IAM)
Computer Science, Electrical/Mechanical/Civil/Computer Engineering,
The student in this position will receive a stipend.
To apply, submit your resume and cover letter to Vivian Benton, email@example.com.
The deadline to apply is March 31, 2020.