security intern sccip development

Experience as Security Intern at Senfal

“Senfal exists of motivated people all working towards innovation and sustainability”

In this blog, Intern René Bisperink from the Saxion University of Applied sciences shares his experience from working as an IT Security Analyst while interning at Senfal. If you think this is interesting, check the vacancy to become the next Security Intern!

With this blog, I hope to warm people up to the idea of solar energy (pun intended), and to explain how I experienced the first eight weeks of this Internship so far.

Back when I was still studying Software Engineering, I discovered that I found tinkering and working with systems and servers more enjoyable than programming. With the switch to IT Service Management, security was also a topic we discussed. Throughout the courses, security was one of the things I enjoyed most, so I started looking for Internships concerning (IT) security. Senfal was one of the organizations that caught my eye because of their focus on sustainability. Soon after submitting my Proposal and contract to the Saxion University, I started as a Security Analyst at Senfal. This led to the creation of a new Security Operations team within Senfal consisting of Steven Reiz and me, with some of the company’s stakeholders involved in the process.

My experience working at Senfal

During this internship, I focused on my interest in IT security analysis, but I also practiced my System Administrator and communication skills in a business environment. The integration of multiple disciplines, including system administration, security, governance, law and quality assurance within IT, allowed me to apply, broaden and deepen my professional knowledge of IT. At the same time, I could work on my social, communication and leadership skills. Most of the time, I work as an IT security analyst. In this role I help developing policies, standards and guidelines, and I create baselines of security for Senfal. I also help defining the security program and ensuring that its elements are carried out by the employees of Senfal. Being an IT security analyst also means I perform out system audits, penetration tests and security assessments, as well as rolling out new systems that help improve security and configuring devices to work more securely. During my assignments, I combined Security Analysis with IT security analysis to achieve the best results.

The assignments

The internship in itself did not consist of one large assignment on which I worked all the time. Instead, I carried out various assignments within a Security Operations Scrum team and as part of a Development Operations organization. This meant that I was integrated in the organization as a security analyst and was assigned to the most pressing issues at those specific moments. I worked on a lot of issues a real security analyst would also have to deal with. Steven and I made a risk analysis, calculated the impact from every risk, set up a baseline of security, checked the gaps in our security based on the risks and the baseline and started working on a new security policy, using guidelines and standards derived from our analysis. And this was only a part of our assignments.

I had hands-on experience with live systems and the roll-out in the organization  

Throughout this internship so far, I used a number of approaches and exposure methods within Senfal. They include hands-on experience with live systems, prototyping systems for learning purposes and later roll-outs in the organization itself, doing research and reading the relevant materials, teaching and explaining security subjects, but also asking questions and doing interviews. The work that I am doing within Senfal has a positive impact on the organization. The combination of a good working environment, a great mission of clean energy and interesting challenges allowed me to develop myself greatly.

Results of my work

The hands-on experience on live systems together with prototyping of new implementations, including improved authentication and authorization of our Senfal accounts and Dokuwiki with the help of two-factor authentication and Single Sign On is one of the multiple direct influences my work had on the organization. I worked on a risk analysis and gap analysis which showed Senfal’s tangible security risks and what to do about it. Currently I am also working on preparing Senfal for the GDPR (mentioned in previous blog), patching system vulnerabilities based on KRACK and other exploits, working on new security Public Key Infrastructure Certificate Authorities and much more. Even when just looking at security, the work I am doing and will be doing is different every day.

People at Senfal love the job  

The company lunch

During the company lunch, many interesting topics come up. We often talk about books, shows or just interests of a particular colleague. One of the values of Senfal is ‘Be a beautiful Nerd’. The people working at Senfal love their job and all of them are nerds in their own way. We all have our bizarre knowledge of (unimportant) facts, which makes working together a lot of fun and it means that everyone can learn from each other. Everyone has the right to be him/herself, and that shows during these talks. It is a group of motivated people all working towards innovation and sustainability. Simply put, all my colleagues at Senfal are very nice people and they all contribute to the pleasant ambiance at work. They made me feel welcome from the very first day of my internship, for which I am thankful. Secondly, I would like to thank my family and friends who support me during this internship, including new friends and connections made during this internship. Finally, thanks to both Senfal, my supervisor Steven Reiz and Saxion for providing me with this opportunity.

In short, my work as an IT Security Analyst at Senfal is both challenging and a lot of fun. The things that I learned about myself and this work can help me in the future, both during this internship and in the future. The first eight weeks went by in a flash, and I’m proud to see my work has an actual impact on the organization. Different kinds of people come together to work towards innovation and sustainability, each adding their own expertise. All in all, I have really enjoyed my time here so far and I think that working at Senfal helps with making a difference in the world, one step at a time.

If you like wat René is working on: check our vacancy, since we’re looking for a new Security Intern to start in January!

 

Vacature Security Intern