DevSecOps engineer at Ford ensuring secure software development and compliance with security standards. Collaborating with teams to embed security practices and assess vulnerabilities in software delivery.
About the role
- Internship focusing on evaluating a Security-as-Code tool for Microsoft 365 environments. Collaborate on technical aspects and improve security assessment methodologies.
Responsibilities
- The project focuses on evaluating a Security-as-Code tool designed for assessing Microsoft 365 environments and Entra ID.
- The primary objective is to understand the deployment process, including its configuration and integration within existing systems.
- The project involves: conducting a comprehensive analysis of the tool's functionalities; identifying its strengths and potential areas for improvement; performing a gap analysis by comparing the tool with another security assessment script, and determining areas where it excels and where enhancements might be necessary.
- Additionally, the project explores the implementation of custom controls within the Security-as-Code framework.
- This involves delving into the technical aspects of the tool to understand how custom policies and controls can be developed and integrated into the existing framework.
- Collaboration with team members is essential to design and test these custom controls, ensuring they meet the teams specific security needs.
- Through this project, participants will gain experience in security assessment methodologies, Microsoft 365 and Entra ID features and architecture, and the customization of security solutions, contributing to the enhancement of the organization's security posture through automation.
Requirements
- Pursuing or recently completed a degree in Information Technology, Cybersecurity, Computer Science, or a related field.
- Familiarity with Microsoft 365 and Software-as-a-Service concepts.
- Understanding of security assessment methodologies and tools.
- Basic knowledge of scripting languages (e.g., PowerShell, Python) for understanding code.
- Ability to conduct comprehensive analysis and gap assessments of tools.
- Strong problem-solving skills to identify strengths and areas for improvement in security solutions.
- Effective communication skills to collaborate with team members and articulate findings and recommendations.
- Ability to work in a team-oriented environment.
- Keen interest in cybersecurity and security automation.
- Nice to have: Coding skills in PowerShell to improve and add custom controls.
- Knowledge of Entra ID in particular.
- Experience with administration of SaaS tools, provisioning of access, and IT/Security operations.
- Experience or knowledge about CI/CD best practices.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Officer responsible for ensuring safety and security at the Genesee Brewing Company. Monitoring premises, responding to emergencies, and providing visitor assistance during shifts.
Security Estimator creating estimates and proposals for security projects at LINX. Collaborating with engineering and sales teams for system design and client relationships.
Product Security Architect at Expedia designing secure architecture for services and APIs. Collaborating with teams to guide secure practices and integrate AI - driven solutions.
IT Security Officer overseeing information security for a specific IT sector at Desjardins. Collaborating with cross - sector teams and managing information security risks and vulnerabilities.
Associate, Information Security professional at Santander focusing on Vulnerability Management and network security exposure. Collaborating with teams to enhance security posture and manage technology risks.
IAM Security & Technology Governance person driving IAM technical program with cutting - edge technology to improve security posture at MUFG. Manage IAM requirements, standards, governance and solutions across global implementation.
Senior Analyst in Mastercard's newly created Vocalink Control Office supporting control testing across Security domains. Ensuring a strong control environment and identifying gaps for improvement.
Senior Analyst focusing on Information Security and Compliance at Cirque du Soleil. Engaging in threat analysis and improvement of security tools and processes, within a creative company culture.
Security Architect designing and implementing cybersecurity architectures for UK Defence projects. Collaborating with stakeholders to safeguard client data against cyber threats.