GoSecure Internship Experience

During my internship at GoSecure, I worked within the Project Management team responsible for onboarding new clients to a range of managed cybersecurity services. This role placed me at the intersection of technical teams, security operations, and client communication, giving me a broad and practical understanding of how modern cybersecurity services are deployed and operated.

Role & Responsibilities

My primary responsibility was to coordinate the onboarding of multiple security services, including SIEM, EDR/MXDR, VMaaS, Dark Web Monitoring (DWM), and Inbox Detection & Response (IDR).

I acted as a bridge between clients and technical teams by:

Leading initial client interactions and presenting purchased services
Organizing and facilitating onboarding meetings
Documenting technical discussions and ensuring accurate knowledge transfer
Writing detailed follow-up reports with action items and deployment steps

This role required strong communication skills as well as the ability to understand and translate technical concepts across different stakeholders.

Technical Exposure

Although my position was not purely technical, it provided deep exposure to the architecture and workflows of Security Operations Centers (SOC).

Log analysis (Windows Events, WEC, EDR telemetry)
Detection and alerting workflows
SIEM correlation and event aggregation
How different security layers interact (EDR → SIEM → SOAR)

Technologies & Tools

During the internship, I worked with several industry-standard tools, including:

FortiSIEM
Microsoft Sentinel
Microsoft Defender for Endpoint
FortiEDR
Flare (for dark web intelligence)

I also used collaboration and operational tools such as Zendesk, Microsoft Teams, Planner, Loop, and GoSecure’s internal platform (Titan).

Key Learnings

One of the most valuable aspects of this experience was understanding how cybersecurity services are deployed in real-world environments.

I gained insight into:

How logs are collected, centralized, and analyzed using collectors, agents, and Windows Event Collector (WEC).
How alerts are generated through correlation across multiple data sources
How SOC teams investigate and respond to threats
How different security products integrate into a unified defense strategy

I also contributed to internal documentation, process timelines, and technical validation tasks, particularly for Dark Web Monitoring reports, where I verified the relevance and accuracy of exposed data using Flare.

Collaboration & Communication

Collaborated with cross-functional teams including Security Operations (SOC), Cloud Security, Vulnerability Management (VMaaS), Threat Detection & Response (IDR), Service Delivery, and PMO.

If I was not directly working with otheremployees, I had the time to meet them at the office.

This experience helped me develop the ability to navigate technical discussions while maintaining a strong focus on client satisfaction and clear communication.

Personal Takeaways

This internship confirmed my interest in cybersecurity, particularly in environments where technical systems and human collaboration intersect.

I discovered that I enjoy:

Working in team-oriented environments
Being involved in both technical and organizational aspects
Communicating complex ideas clearly
Contributing to real-world security operations

Summary

My experience at GoSecure gave me a comprehensive introduction to the lifecycle of managed cybersecurity services—from deployment to ongoing operations.

Even though my role was centered around onboarding coordination, it allowed me to build a strong technical foundation in:

SIEM and log analysis
Endpoint detection technologies
Threat detection workflows
SOC operations

This experience strengthened both my technical understanding and my ability to operate in a professional cybersecurity environment.

A typical day during my internship at GoSecure combined client coordination, internal collaboration, and ongoing onboarding tasks across multiple cybersecurity services.

I usually started my day by reviewing active onboarding tickets in Zendesk. This allowed me to stay up to date on each client’s progress, respond to pending requests, and identify any blockers or urgent follow-ups from the previous day.

The morning was followed by a daily team meeting (SCRUM) with the Project Management team. During this meeting, we aligned on priorities, shared updates on client onboarding progress, and discussed any challenges that required coordination with technical teams. It was also an opportunity to take on additional tasks when availability allowed.

The rest of the day was structured around client onboarding activities. This included:

Hosting or facilitating client meetings
Coordinating with technical teams (SIEM, EDR, VMaaS, etc.)
Taking detailed technical notes during discussions
Ensuring accurate communication between all stakeholders

Between meetings, I focused on operational and support tasks such as:

Writing follow-up emails summarizing meetings, decisions, and action items
Updating documentation and onboarding timelines
Performing platform configurations for new clients (account setup, access, integrations)
Supporting ongoing deployments by tracking progress and resolving minor issues

Midweek (typically Wednesdays and Thursdays), I participated in more technical meetings involving security analysts and engineers. These sessions provided deeper insight into real-world cybersecurity operations, including deployment challenges, detection logic, and interactions between different security tools.

Overall, my daily routine required strong organization, adaptability, and communication, as I continuously balanced multiple clients, tasks, and cross-team interactions in a fast-paced cybersecurity environment.

← Back to Home