Lost in the sea of IT from a bad internship

kratositykratosity Registered Users Posts: 1 ■□□□□□□□□□
So I am a senior about to graduate this December and I am so lost. The whole 2 years after my sophomore year I have been trying to get into an internship program for Information Security. I had no luck until this past spring, and I got into the program (apparently the other applicants are too stupid to answer questions likewhat is symmetric key encryption).

RANT:
Long story short, the entire summer has been a huge waste of time. The internship did not get me involved deep enough to really learn anything. This is my first internship, and I am a BSIT major with a concentration in Security and Assurance, so all I know are the technical things. This internship was majority nontechnical (which is fine!), but they told me to teach myself these concepts and get lower level certs. I am the INTERN, you should have had a small project for me to do that incorporates the aspects of security in the corporate office. I would get calls from othr companies for actual jobs and internships and have to tell them no because I am already in one for the summer. If I could leave I would have, but I need the money and it is just not ethical to leave an internship cold turkey. I want to get OUT, I have no idea if I want to be a practitioner or professional. The program should have shown me the distinction. I would sit at my desk looking over Network+ and Security+ material but I could do that at home...

TL;DR + Question:
What advice would you give a college student about to graduate this year that has no experience and only an IT Security internship under their belt?

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    Things rarely go as planned. Probably the best lesson you learned this summer!

    Take that internship and make it sound as awesome as possible on the resume and start looking for jobs. With no experience keep your expectations in check. You're probably not going to have the job you really want for a few years at least. Make the most of your experiences in the mean time.
    An expert is a man who has made all the mistakes which can be made.
  • blatiniblatini Member Posts: 285
    Most people who graduate from college don't have any experience. Just talk about personal projects/classwork/interests and have a good cover letter.
  • Repo ManRepo Man Member Posts: 300
    Welcome to the real world :). I've never seen an intern be given valuable work.
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    I would be surprised if anyone really learned a lot of information from an internship. From a technical standpoint that is. Especially when it comes to the security of a company.

    The internship should've given you an idea of what people who are actually in information security do though... And I don't mean by you doing the work they do. Companies don't give interns tasks that could involve a lot of risk. And with information security, that includes most of the work.

    For advice, I would advise you to look up job ads for positions that you want to go into, see what skills they are asking for, and work on those. If you can build a lab at home and work on those skills in your lab, instead of just reading about how to do things, you would WAY ahead of most people out there. Alot of lazy people out there and if you work put in the time and effort to improve yourself you can move up quickly.
  • TibsTibs Member Posts: 17 ■□□□□□□□□□
    Keeping in mind that they are an employer and would likely know what they are looking for in potential employees, they might see having you focus on lower level certs as filling in potential gaps on your resume. It's unlikely that they are doing it because "we need to give the intern something to do". They may have good intentions, but they may also need a little a guidance to know what *you* are looking for in the internship.

    It sounds like you haven't left the position yet, so there may still be a chance to gain something from the internship. This may seem fairly obvious, but have you had this conversation with them yet? Letting them know that you would like to gain some real on-the-job experience, in addition to the things they have already been having you focus on? Asking for more responsibility in a polite way to let them know you want to get the most you can from the internship?

    If their only goal in helping you is to have you focus on lower certs and be able to put an internship on your resume; then maybe it was a waste of time and a bad decision where the expectations were not clear when you signed up. But this is certainly a conversation to have with them. There may be an opportunity to still turn this around, just make sure their expectations of an intern and your expectations of an internship are clear to both parties. You may be able to find a middle ground and walk away with more in the time you have left.
  • LA2LA2 Member Posts: 43 ■■□□□□□□□□
    lol. You're about to GRADUATE college with a BSIT in infosec AND work experience in security. You got PAID to study for two certs WHILE WORKING.
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    LA2 wrote: »
    lol. You're about to GRADUATE college with a BSIT in infosec AND work experience in security. You got PAID to study for two certs WHILE WORKING.

    #firstworldproblems
  • ITSec14ITSec14 Member Posts: 398 ■■■□□□□□□□
    Here we go...

    That sucks they didn't at least give you some small projects to do to get some hands on experience. What's the point of internships if you get nothing from it? I give you a lot of credit for at least taking the right steps to get into the field though. Now I have to say this...the world owe's you nothing. You will have struggles in life outside of your control, but you will find success too if you work hard and can be patient. Also, don't label someone as being "too stupid" just because they may not know something. We all come from different starting points and it's unfair to label someone who could actually become your boss one day (I've seen it happen).

    I know this sounds like the typical preaching adult speech, but I'm only in my late 20's (not much older than you) and I had to work my a** off to get where I'm at (working full time and going to school at night full time), but I did it with an open mind and understanding that I don't have all the answers and probably never will.
  • NOC-NinjaNOC-Ninja Member Posts: 1,403
    Infosec is huge. YOu mentioned " so all I know are the technical things. This internship was majority nontechnical "
    Believe it or not, interns dont get real good projects because they see them as incapable. YOu have to prove yourself.


    You mentioned "so all I know are the technical things." Did you ask them for technical work? What did they say?


    "but they told me to teach myself these concepts and get lower level certs." = this means they are telling you that you are weak in concepts / the very basics of networks and security.


    "I would sit at my desk looking over Network+ and Security+ material but I could do that at home..." Lots of people here study at work when there is down time. take advantage of it.
  • clarkincnetclarkincnet Member Posts: 256 ■■■□□□□□□□
    Two quick thoughts.

    First - be grateful for the opportunity to put something on your resume. You got hired, which means others didn't.

    Second, use that to your full advantage. Most internships are what the intern makes it out to be. We usually give interns the grunt work and are happy to have them do it in a corner. However, when the occasional intern asks for more, or to be included in a project, we usually do whatever we can to include them. But they have to ask - not because we don't care - but because we don't tend to think about it in the heat of solving a problem.

    When I hire people straight from internships, I generally know what types of opportunities were afforded them. No sane person will give the intern the keys to the kingdom - so when I see interns claiming they ran a project to upgrade an Active Directory domain (or insert other fabulous but nonsensical dream here) I know that's most likely not the case.

    But having worked in the real world vs another candidate that hasn't... does give you an advantage - be grateful for that... that's all I'm saying...
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

    Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    You are not lost because the internship is bad. You are lost because you set your degree, your college experience, your own abilities and your expectations way to high.
    Expecting an intern to do technical work and run projects, even small projects.

    You are just another millennial branding himself as an expert in everything without even having touch anything.
    Brace yourself for this and try to change your attitude in life.

    You were struggling to get an internship for 2 years, yet when you finally get one after 2 years you claim you beat others because you know what symmetric key encryption is. Did you consider that the internship you gpt was the only one left because the others more smarter than you actually got the better internships? Provably not, because you are the best, no matter if you finished last.

    If they tell you to read and learn, thats because they understand you still lack knowledge and technical experience.

    What type of technical projects were you expecting to work on anyway? Did you expect to get access to the firewalls and start doing changes to the rules? Maybe the SIEM or DLP or maybe you wanted to have admin rights in active directory and the proxies.

    Interns learn by watching others and being around more experienced people not by giving them free reign to run projects.

    Hopefully this experience will get you down from that 9th cloud you appear to be on and get you down to the ground where experience is gained.

    My intern is about to finish his Master's in 1 year and I have him send out emails and call people for information, but because he does all this, we invite him in all our meetings so he can listen in. Maybe you should start doing some of the grunt work.

    Advice given, now go and do some non technical stuff.

    By the way, I'd like to know what is considered non technical in your eyes because 80% of Infosec and Assurance is non technical.
  • BerkshireHerdBerkshireHerd Member Posts: 185
    By the way, I'd like to know what is considered non technical in your eyes because 80% of Infosec and Assurance is non technical.

    Having worked in Infosec for over three years I'm going to say 90+ percent is no technical, especially in an industry that has separation of duties. Still as challenging as day 1.
    Identity & Access Manager // B.A - Marshall University 2005
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    I never got any internships or anyone to teach me anything, be grateful mate.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • scaredoftestsscaredoftests Mod Posts: 2,780 Mod
    Same here. I learned as I went since I basically 'volunteered' to be the first network admin for my lab. What a learning experience that was. So,yes.. be grateful you have this chance.
    Never let your fear decide your fate....
  • kurosaki00kurosaki00 Member Posts: 973
    Things rarely go as planned. Probably the best lesson you learned this summer!

    Take that internship and make it sound as awesome as possible on the resume and start looking for jobs.

    This goes for most of the job experiences too. You take the best you can out of the experience, get a new gig. Little by little you climb into the profession you want.
    meh
Sign In or Register to comment.