Our internship placements continue, find out what they have been up to over their time at Solis and what they have learnt
Inside the Internship
As our internship placements at Solis continue, we’ve had the opportunity to deepen our skills, gain new experiences, and take on even greater responsibilities. Each of us has navigated different rotations, working alongside experienced industry professionals, and tackling real-world cybersecurity challenges. From threat hunting and forensic investigations to incident management and automation, we’ve been immersing ourselves in a fast-paced, ever-evolving environment. In this blog update, we share some of the standout experiences, learnings and reflections on our journey so far.
Joey Satka
My first six months at Solis have been an exciting time. While I was working with the Cyber Threat Analysis team, I had the chance to dive into threat hunting, automation and programming. I also had the good fortune to attend a number of workshops. These helped me develop my existing skills and introduced me to some new areas like open-source intelligence. It’s been incredibly fulfilling being able to put these skills into practice by proactively identifying potential vulnerabilities and alerting our clients to new threats. It’s rewarding to see how our work directly contributes to minimising cyber risks and keeping our clients’ environments secure.
I’m currently eight months into my placement, having spent the past two months working closely with the Managed Detection and Response (MDR) team. Shadowing our MDR analysts has given me a first-hand view of how threat actors try to breach networks, and how our team’s swift actions prevent these threats from affecting our clients. I’ve learned so much from seeing how each step in the detection, analysis, and remediation process fits together to protect critical systems.
I’m also continuing to develop and refine scripts to automate some of our internal processes, saving valuable time and effort for our analysts. On top of all that, I’m working toward my SentinelOne SIREN certification. I’m eager to add that expertise to my toolkit. Looking ahead to my second rotation, I hope to deepen my technical abilities still further, and begin contributing my own insights on threat investigation and detection practices. I’m excited about the opportunity to grow within the team, and I can’t wait to see the impact work has in the months to come.
Priyra Aidan
My placement at CFC Response has been an exciting experience. Over the first six months, I was working with the Cyber Incident Management (CIM) team. This gave me the opportunity to experience triaging security incidents, conducting threat intelligence research, and supporting client investigations. One of the highlights was producing threat reports and summaries, and then presenting them in client meetings. This experience really helped build my confidence in communicating technical findings. Along the way, I picked up a wide range of skills, from incident triage and management techniques, to soft skills and clear communication. With no prior industry experience and limited exposure to cybersecurity at university, I had to build my skills from the ground up. Looking back, I can see how much I’ve progressed and how much confidence I’ve gained. More importantly, working with the CIM team gave me a secure understanding of how the different parts of the team collaborate. This has proved invaluable as I transitioned into my next rotation. Having that solid foundation in place has allowed me to approach my new role in a much more focused way.
Now that I’ve moved into the Incident Response (IR) team, my focus has shifted to forensic investigations. I’ve been shadowing several team members on their projects, gradually taking on more responsibilities as I gain more experience. It’s been fascinating to see how different forensic logs can be pieced together to build a timeline of events in ransomware attacks and business email compromises. No two days are the same, and I love that I’m constantly learning something new. I look forward to working on more investigations, taking on bigger challenges, and continuing to develop my skills in areas like root cause analysis, identifying threat actor activity, and data impact. It’s been a fantastic experience so far, and I can’t wait to see what the next few months will bring!
David Junior
My placement so far has been nothing short of amazing. It began with the six months I spent with the Incident Response (IR) team. Initially, I was shadowing and learning how investigations are conducted, from forensic collection all the way through to reporting. As time passed, I was able to take on more responsibilities and gain more experience. This culminated in me leading my own investigations, from forensic collection through to identifying suspicious activity and delivering comprehensive reports with actionable recommendations. I also had the opportunity to showcase my programming abilities. This included creating programs to automate internal processes to support new ways of log collection.
Looking back at my time with the IR team, it’s incredible to see how far I’ve come. Coming straight from university, I started with virtually zero knowledge of cybersecurity. At first, everything was completely new to me. But, over time, through hands-on experience and a genuine curiosity to learn, I’ve been able to build a solid technical foundation. Beyond the purely technical side, I’ve also improved my ability to communicate complex findings clearly and effectively. In particular, I’ve come to appreciate the importance of tailoring reporting, so that even non-technical stakeholders can understand the impact of an incident and the steps required to respond to it.
I have now moved over to the Incident Management (IM) team. This has been a complete shift in focus for me, after working with such a technical team. It’s presented me with a whole new set of challenges, from managing priorities in fast-paced situations, to making sure policyholders have the support they need throughout an incident. After all the growing experiences I’ve had so far, I’m excited to see what the final few months of my placement have to offer - and to continue building on everything I’ve learned.
James Ledger
My time with the MDR team has been a wonderful experience. It’s amazing how much I’ve learned about malware, threat hunting, and threat actor behaviour. In the six months I’ve spent working with the MDR analysts I’ve seen how threat actors infect and attack computer networks - and how their many different methods of attack are constantly evolving. I’ve seen the team constantly hunting for new threats and preventing incidents from even starting. Having quickly gained my SentinelOne SIEREN Certification, I was able to work alongside the MDR analysts on cases and detections. I’ve been able to leverage my programming skills to create scripts that provide information to us and our clients, and I’ve worked with our analysts to help solve programming problems and provide long-term solutions.
Now, in my CTA rotation, I’m joining a rapidly evolving and expanding team, which is exciting, and I can’t wait to learn more about threat actors, vulnerabilities, and a growing array of threats. I’m also working on a project that leverages machine learning to improve workflow for members of the team. I hope I can finish and deliver this project before my placements end, as I think it will provide immense value to the team.
My MDR rotation was an incredible experience, and I can’t wait to see what the next few months with the CTA team will hold!
Final Thoughts
Our placements at Solis have been invaluable in developing our cybersecurity expertise. Through each rotation, we’ve, not only gained technical proficiency but also developed our critical thinking, problem-solving and communication skills. The hands-on experience we’ve all gained has been instrumental in preparing us for future careers in the field. We’re excited for what lies ahead in our placements, and we look forward to sharing further updates on our journey!
