Security Analyst Apprenticeship

Who Youll Work With

You will work closely with senior penetration testers security operations analysts and software engineers to support offensive security and operational security initiatives. Under the guidance of experienced security professionals you will collaborate with the SecOps team on vulnerability analysis incident triage and log investigations while partnering with application and cloud engineers to understand system architecture application logic and containerized environments. You will also engage with stakeholders across engineering and operations to clearly communicate security findings validate remediation efforts and ensure security best practices are integrated into development and cloud workflows.

Who Youll Work With

Core Responsibilities (Must-Have) 

Offensive Security & Vulnerability Analysis: 

• Execute penetration testing tasks under senior guidance focusing on identifying common vulnerabilities across web applications APIs and infrastructure. Gain practical experience with industry-standard penetration testing tools including Burp Suite Professional Nmap and Metasploit Framework. 
• Apply a foundational understanding of the OWASP Top 10 (Web/API) to identify and document security flaws. 
• Utilize Python Bash or PowerShell to develop simple scripts that automate routine security checks and assist in tool development. 
• Assist in conducting security reviews of cloud environments (AWS Azure GCP) focusing on detecting fundamental security misconfigurations (e.g. exposed storage overly permissive network access). 
• Understanding of basic security configuration of containerized applications (eg. Docker).

Operational Security (OpSec) & Incident Handling: 

• Assist the security operations team in the initial triage and documentation of security incidents applying knowledge of the MITRE ATT&CK Framework to categorize events. Monitor security queues and support the resolution of routine security tickets following established runbooks and procedures. 
• Adhere to and enforce strict operational security (OpSec) procedures ensuring the integrity and stealth of all testing infrastructure and client data. 
• Perform basic log analysis in SIEM tools (e.g. SUMO Logic Elastic EDR data) to support investigation of suspicious activity or validate exploit attempts. 
• Communicate security findings and remediation steps clearly and accurately to both technical and non-technical audiences. 
• Collaborate effectively with software engineers to understand application logic and support the remediation of identified vulnerabilities.
• Stay up-to-date on emerging security threats and basic attack techniques.

Qualifications :

• BE or Computer Science Information Security or a related field. 02 years of experience in security testing vulnerability analysis or a related field (Internship experience is highly valued). 
• Demonstrated understanding of TCP/IP fundamentals Linux/Windows operating systems and basic software development practices. 
• Hands-on experience using penetration testing tools (e.g. Burp Suite Community/Professional Nmap) and vulnerability scanners (e.g. Nessus Qualys). Excellent verbal and written communication skills. 

Nice-to-Have Skills 

• Completion of an introductory security certification (e.g. Security eJPT or relevant cloud certifications). 
• Familiarity with Static Analysis (SAST) tools such as Checkmarx or SonarQube. Basic knowledge of RESTful API architectures and related security implications. Practical experience with scripting languages like Python Bash or PowerShell for security tasks.

Additional Information :

Arista stands out as an engineering-centric company. Our leadership including founders and engineering managers are all engineers who understand sound software engineering principles and the importance of doing things right.

We hire globally into our diverse team. At Arista engineers have complete ownership of their projects. Our management structure is flat and streamlined and software engineering is led by those who understand it best. We prioritize the development and utilization of test automation tools.

Our engineers have access to every part of the company providing opportunities to work across various domains. Arista is headquartered in Santa Clara California with development offices in Australia Canada India Ireland and the US. We consider all our R&D centers equal in stature.

Join us to shape the future of networking and be part of a culture that values invention quality respect and fun.

Remote Work :

No

Employment Type :

Intern