Cyber Threat Intelligence Intern

Cowbell is signaling a new era in cyber insurance by harnessing technology and data to provide small and medium-sized enterprises (SMEs) with advanced warning of cyber risk exposures bundled with cyber insurance coverage adaptable to the threats of today and tomorrow. Championing adaptive insurance, Cowbell follows policyholders’ cyber risk exposures as they evolve through continuous risk assessment and continuous underwriting. In its unique AI-based approach to risk selection and pricing, Cowbell’s underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes.

Founded in 2019, Cowbell is based in the San Francisco Bay Area with employees across the U.S., Canada, and the U.K. and is backed by over 15 A.M. Best A- or higher rated reinsurance partners.

In support of our rapid growth, we are actively looking for ambitious people, who are not afraid of hard-work and never shy away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist beyond the boundaries of possibilities.Join our team and be part of a growing institution where you can hone your skills and develop new ones in a fun, challenging and dynamic environment.

If that sounds like you, we want to hear from you!

What we do

The InfoSec team drives security and compliance improvements to reduce risk by building out key security programs. We enable our colleagues in securing the company and support our customers’ security journey with tried and true best practices. We are a Java, Python, and React shop combined with world class cloud infrastructure (such as AWS & Snowflake). Balancing proper security while enabling execution speed for our colleagues (& customers) is our ultimate goal. It’s challenging and rewarding! If you are up for the challenge, come join us.

The Opportunity

No busy work here. As an Intern, you’ll be treated just like our entry level staff. You can look forward to a fast-paced environment with project assignments designed to deepen your technical knowledge and overall experience in cybersecurity. 

• Partner and collaborate with internal stakeholders in assisting with the overall security posture with an emphasis in the Engineering and Operations/IT areas.
• Work across engineering, product and business systems teams to enhance and evangelize security in applications/infrastructure. Drive changes needed to respond to emerging threats
• Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
• Develop and maintain application scanning solutions to inform stakeholders of security weaknesses & vulnerabilities.
• Review outstanding vulnerabilities with product teams and assist in remediation efforts to reduce risk
• Help in developing the capability to automate triaging, validating, reporting and reproducing application vulnerabilities.
• Capture and document your excellent work

Qualifications:

• Detail-oriented student leader with problem solving, communication, and analytical skills.
• Pursuing a postgraduate degree preferred (MS, PhD) or Bachelor's degree in information security, CS (security emphasis), or related field.
• Academic success - a minimum cumulative GPA of 3.0.
• On track to complete the requisite degree and a goal of successfully obtaining relevant certifications associated with your career field.
• Good understanding of CVE and CVSS scoring and how to utilize this data for validation, prioritization, and remediation.
• Capability to deploy, provide maintenance for, and operationalize scanning solutions.
• Hands-on ability to conduct scans across application repositories and infrastructure.
• Ability to complete assignments in a timely manner with attention to detail.
• Ability to establish priorities and manage multiple tasks.
• Great at and enjoys documenting solutions; creating operational documentation, developing technical diagrams, and similar artifacts.

Preferred Qualifications:

• Some previous experience developing and reporting vulnerability metrics as well as articulating how to reproduce and resolve those security defects.
• Some experience to provide engineering teams with technical guidance on the impact and priority of security issues and driving remediation
• Capability to develop operational process from scratch or improve current processes and procedures through well thought out hand-offs, integrations, and automation
• Familiarity with multiple security domains such as application security, infrastructure security, network security, incident response, and regulatory compliance and certifications
• Penetration testing experience and understanding of remediation techniques for common misconfigurations and vulnerabilities
• Understanding of modern endpoint security technologies/concepts
• Adept at working with distributed team members

Target Salary : $30/hr 

What Cowbell brings to the table:

• Winner of Inc. Magazine’s Annual List of Best Workplaces for 2022
• Nationwide medical, dental and vision coverage plus life insurance, long term disability and flexible spending accounts
• Employee equity plan for all and wealth enablement plan for select customer facing roles
• Comprehensive wellness program including unlimited PTO, company-wide wellness days, wellness app subscriptions, lunch & learn, book club, get-togethers, lunch & communication stipends, happy hours and much more
• Professional development and the opportunity to learn the ins and outs of cyber insurance, cyber security as well as continuing to build your professional skills in a team environment