Educause Security Discussion mailing list archives

Re: Quick Poll Results Follow Up - Student Workers in SOC


From: Mac McGaughy <jmcgaug1 () UNCC EDU>
Date: Thu, 4 Jun 2020 14:51:36 -0400

We have student workers that conduct security operations tasks.  The key is
having well-documented procedures and workflows.  They need to know when an
incident needs to be elevated, and separation of duties is very important.
Student workers provide a wealth of coding experience here at UNCC; our
cybersecurity academic program is very code-heavy.
------------------------------------------------------------
Jessie McGaughy | CISSP-ISSAP <https://www.isc2.org/Certifications/CISSP>,
CISSP, <https://www.isc2.org/Certifications/CISSP> CCSP
<https://www.isc2.org/Certifications/CCSP>, PMP
<https://www.pmi.org/certifications/types/project-management-pmp>, C|EH
<https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/>, ITIL
<https://www.axelos.com/best-practice-solutions/itil>
Chief Information Security Officer
UNC Charlotte | Kennedy Bldg 330B
9201 University City Blvd | Charlotte, NC 28223
jmcgaug1 () uncc edu <jbeauman () uncc edu> | Phone: 704-687-8548
itservices.uncc.edu



On Thu, Jun 4, 2020 at 2:28 PM Kevin Wilcox <wilcoxkm () appstate edu> wrote:

On Thu, Jun 4, 2020 at 2:05 PM Ronald Loneker <rloneker () cse edu> wrote:

I did notice the one comment at the end about a school using student
workers in their SOC.

I'm interested in hearing from any institution who is doing this and
what duties/responsibilities you are assigning to students.  I already use
student workers in a non-IT security area I manage so it might be another
area to grow for me if it can be helpful.

We just spun this up last academic year. They get read access to the
SIEM, they have the ability to quarantine/isolate systems via the EDR,
they get DLP access, can assign re-image tickets for compromised
hosts...our stance is that they are InfoSec employees so they're
treated like a staff hire.

The more interesting things they get to work on are scripting against
various cloud APIs and writing custom parsers/enrichment filters for
the SIEM.

It's been really nice.

kmw

**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community

