The Skillbridge Program is exclusive to Active Service Members of the U.S. Military

Trusted by governments, commercial enterprises, and educational institutions worldwide, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including physical and corporate security, cyber threat intelligence (CTI), vulnerability management, and vendor risk management teams—rely on the Flashpoint Intelligence Platform, comprising open source (OSINT) and closed intelligence, to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. Learn more at www.flashpoint.io.

Flashpoint is proud to be an authorized provider of the DoD SkillBridge program which provides opportunities for Service Members to gain valuable civilian work experience through specific industry training and internships.

Under the SkillBridge Program, Flashpoint hosts active-duty U.S. military members for skilled employment training for up to the final six months of active-duty obligated service. The SkillBridge Program/Role with Flashpoint will run 90 - 180 days. DoD SkillBridge offerings can be based on any open role within the company, given appropriate experience, interest, availability, and capacity to train. If you have experience in any of the following areas or are interested in learning about additional opportunities, apply today!

Opportunities

• Vulnerability Data Intelligence
• Threat Intelligence
• Technical Intelligence
• Physical Security
• Intelligence Editing and Production
  

Please select the opportunity that best aligns with your experience and interests in the dropdown below

Vulnerability Data Intelligence

What you will get to do on our team

• Assist team members during peak activity periods to ensure the timeliness of high-quality data.
• Monitor work queues as needed to maintain balanced workloads and achieve turn-around standards, ensuring data quality.
• Analyze vendor security advisories, research vulnerability reports, mailing lists, product changelogs, news articles, bug trackers, commits, exploits, and many other sources to identify issues that constitute legitimate vulnerabilities (sources are provided) in order to author a detailed vulnerability entry based on findings.
• Analyze and review new vulnerabilities for inclusion into the VulnDB product and update existing vulnerability entries with details, references, product information, exploit availability, and solutions.

To be successful, you will need

• Reading comprehension, attention to detail, and deductive reasoning.
• Writing skills and affinity for writing research papers and summarizing complex subjects into short entries.
• Self-motivation and the ability to work independently and in collaboration with others.
• Compassion for customer needs and desire to work in client-sense business.
• Knowledge of common security software and hardware vulnerabilities and attack vectors. Familiarity with OWASP top 20.
• Some experience with vulnerability exploit development would be helpful, as well as familiarity with security assessment tools and techniques.
• Understanding Windows and Linux operating systems concepts, access controls, and privilege levels.
• Familiarity with many more widely used web applications, client and server software, and web browsers.

Amazing to have but not required

• Understanding of secure coding practices, cryptography, and authentication protocols.
• In-depth knowledge of security and network fundamentals, such as cryptography, authentication, access control, and network protocols (TCP/IP, UDP, DNS, HTTP, etc.)
• Programming experience with scripted languages (preferably Python3) and compiled languages (preferably C).
• Experience in conducting security testing, vulnerability and network scanning, and penetration testing.
• Ability to write efficient and secure code for vulnerability research and exploit development purposes.
• Ability to set up a system to test a researched vulnerability, verify PoCs, and exploits of the vulnerabilities.
• Experience with slack automation or business rules automation.
• Excellent problem-solving and analytical skills to identify and address security vulnerabilities effectively.

Threat & Technical Intelligence

What you will get to do on our team

• Support technical analysis of malware
• Identification of new and exploited vulnerabilities in-the-wild

To be successful, you will need

• Experience with Python, C++, or other programming languages
• Experience reviewing or analyzing malware logs, malware analysis, reversing, or penetration testing
• Ability to recognize inefficiencies to be addressed by process improvements or automation

Physical Security

What you will get to do on our team:

• Handle live interactive client engagements when high impact events occur (e.g. major cyber or physical attacks, Rapid Risk Response)
• Produce quality analytic judgments that provide additional context to clients
• Professional written and oral etiquette and communication with attention to detail

To be successful, you will need:

• Knowledge in cyber domain and emerging threats
• Familiarity with the intelligence cycle

Intelligence Editing and Production

What you will get to do on our team:

• Support editing and review of intelligence production deliverables within set deadlines
• Conduct initial review of some additional finished intelligence reports
• Prepare intelligence reports for publication for internal and external stakeholders
• Strong attention to detail; ability to correct grammar and punctuation errors and adhere to style guidelines
• Ability to recognize and begin to correct higher-level editorial and writing issues

To be successful, you will need:

• Editing experience
• Understanding of basics of the cyber and physical threat landscapes
• Understanding of current events as they relate to security and intelligence

Qualifications

Minimum Requirements:

• Current Active Duty Service Member
• Meets DoD SkillBridge Qualifications
• Available to participate 90-180 days
• Work remotely in the continental US

Additional Information

SkillBridge participants are not eligible for compensation from Flashpoint, as they continue to receive military compensation and benefits as active-duty service members. Your unit Commander must authorize participation in Flashpoint's SkillBridge Program prior to the start of the internship.