2025
Information Security Intern
@ Ropes & Gray LLP
SIEMAzureSecurityRisk Assessment
Monitored and analyzed SIEM alerts to identify threats, responded to security incidents, and researched Microsoft's Azure Network Security Perimeter to enhance protection for sensitive workloads.
Security Operations & Incident Response
- —Reviewed security alerts and logs using the firm's SIEM platform and supporting tooling
- —Responded to events and alerts generated by security technologies, managed security providers, and user-reported activity suggestive of a potential information security incident
- —Supported day-to-day operational tasks and alerts assigned to the Information Security Team
- —Promptly responded to end-user requests for assistance and proactively assessed potential items of risk and vulnerability in the network
Vulnerability & Vendor Risk Management
- —Assisted with coordinating and executing the firm's vulnerability management program, including pre-deployment risk and compliance assessments
- —Supported the firm's vendor risk management program and coordinated third-party technical risk assessments and audit activity
- —Participated in internal technical risk assessments and audits
Security Documentation & Governance
- —Produced and maintained information security documentation including policies, procedures, standards, guidelines, and architecture diagrams
- —Promoted a culture of information security across business units
- —Adhered to relevant policies, procedures, standards, and accepted security practices
Technology Evaluation & Cloud
- —Participated in the design, maintenance, and development of firm technology solutions
- —Researched Microsoft's Azure Network Security Perimeter to strengthen protection of sensitive workloads
- —Stayed current on emerging cloud technologies and evaluated vendor offerings to determine best fit for business needs