GoSecure Internship Experience

During my internship at GoSecure, I worked within the Project Management team responsible for onboarding new clients to a range of managed cybersecurity services. This role placed me at the intersection of technical teams, security operations, and client communication, giving me a broad and practical understanding of how modern cybersecurity services are deployed and operated.

Role & Responsibilities

My primary responsibility was to take part in coordinating the onboarding of multiple security services, including SIEM, EDR/MXDR, VMaaS, Dark Web Monitoring (DWM), and Inbox Detection & Response (IDR).

I worked with the team to act as a bridge between clients and technical teams by:

Leading initial client interactions and making a detailed presentation of purchased services
Organizing and facilitating onboarding meetings
Documenting technical discussions and ensuring accurate knowledge transfer
Writing detailed follow-up reports with action items and deployment steps

This role helped me develop strong communication skills as well as the ability to understand and translate technical concepts across different stakeholders.

Technical Exposure

Although my position was not purely technical, it provided deep exposure to the architecture and workflows mainely of the SOC.

Log analysis (Windows Events, WEC, EDR telemetry)
Detection and alerting workflows
SIEM correlation and event aggregation
How different security layers interact (EDR → SIEM → SOAR)

Technologies & Tools

During the internship, I worked with several industry-standard tools, including:

FortiSIEM
Microsoft Sentinel
Microsoft Defender for Endpoint
FortiEDR
Flare, for dark web intelligence

I also used collaboration and operational tools such as Zendesk, GoSecure’s internal platform (Titan), MS Teams, Planner, Loop, List and other Microsoft tools.

Key Learnings

One of the most valuable aspects of this experience was understanding how cybersecurity services are deployed in real-world environments.

I gained insight into:

How logs are collected, centralized, and analyzed using collectors, agents, and Windows Event Collector (WEC).
How alerts are generated through correlation across multiple data sources
How SOC teams investigate and respond to threats
How different security products integrate into a unified defense strategy

I also contributed to internal documentation, process timelines, and technical validation tasks, Dark Web Monitoring reports for exemple, where I verified the relevance and accuracy of exposed data using Flare.

Collaboration & Communication

Collaborated with cross-functional teams including SOC, Vulnerability Management (VMaaS), Inbox Detection & Response (IDR).

This experience helped me develop the ability to navigate technical discussions while maintaining a strong focus on client satisfaction and clear communication with many team members.

Personal Takeaways

This internship was particularly rewarding in environments where technical systems and human collaboration meets.

I discovered that I enjoy:

Working in team-oriented environments
Being involved in both technical and organizational aspects
Contributing to real-world security operations

Summary

My experience at GoSecure gave me a comprehensive introduction to the lifecycle of managed cybersecurity services—from deployment to ongoing operations.

Even though my role was centered around onboarding coordination, it allowed me to build a strong technical foundation in:

SIEM and log analysis
Endpoint detection technologies
Threat detection workflows
SOC operations

This experience strengthened both my technical understanding and my ability to operate in a professional cybersecurity environment.

A typical day during my internship at GoSecure combined client coordination, internal collaboration, and ongoing onboarding tasks across multiple cybersecurity services.

I usually started my day by reviewing active onboarding tickets in Zendesk. This allowed me to stay up to date on each client’s progress, respond to pending requests, and identify if there are urgent follow-ups from the previous day.

The morning was followed by a daily team meeting (SCRUM) with the Project Management team. During this meeting, we aligned on priorities, shared updates on client onboarding progress, and discussed any challenges that required coordination with technical teams. It was also an opportunity to take on additional tasks when availability allowed.

The rest of the day was structured around client onboarding activities. This included:

Client meetings
Coordinating with technical teams (SIEM, EDR, VMaaS, etc.)
Taking detailed technical notes during discussions
Ensuring accurate communication between all stakeholders

Between meetings, I focused on operational and support tasks such as:

Writing follow-up emails summarizing meetings, decisions, and action items
Updating documentation and onboarding timelines
Performing platform configurations for new clients (account setup, access, integrations)
Supporting ongoing deployments by tracking progress and resolving minor issues

Midweek (typically Wednesdays and Thursdays), I participated in more technical meetings with broader teams members involving security analysts and engineers. These sessions provided deeper insight into real-world cybersecurity operations, including deployment challenges, detection logic, and interactions between different security tools.

Overall, my daily routine required strong organization, adaptability, and communication, as I continuously balanced multiple clients, tasks, and cross-team interactions in a fast-paced cybersecurity environment.

← Back to Home