Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
FM Research Cybersecurity Co-op image - Rise Careers
Job details

FM Research Cybersecurity Co-op

Overview

FM is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.

 

We are seeking a highly motivated and detail-oriented co-op student to join our cybersecurity team. The successful candidate will contribute to the continuous development of cyber mitigation strategies for Operational Technology (OT) environments, leveraging the MITRE ATT&CK for ICS matrix. This position offers hands-on experience in designing attack experiments, evaluating mitigation techniques, and supporting the development of testbeds for validating security measures. The co-op student will also be involved in producing technical documentation and utilizing threat intelligence to enhance our cybersecurity posture.

Responsibilities

  • Testbed Support
    • Assist in the development and maintenance of testbeds for validating cyber mitigation strategies.
    • Interest in configuring and troubleshoot hardware and software components within the testbed environment, including industrial devices (PLC, HMI, DCS, RTU, etc.) and industrial software (e.g. OPC UA/DA, PI, historians, user repositories, firewall management including inspection, etc.).
  • MITRE ATT&CK for ICS Expertise
    • Leverage MITRE ATT&CK for ICS matrix to understand adversarial tactics, techniques, and procedures in industrial control systems.
    • Research and propose mitigation strategies to address specific threats identified within the MITRE ATT&CK for ICS framework.
  • Run Experiments
    • Design and document attack experiments to simulate real-world cyber threats against OT environments.
    • Focus on attack strategies that are shifting from immediate exploitation to establishing persistent footholds within OT environments.
    • Incorporate techniques such as exploiting supply chains and "living off the land".
  • Analysis of Run Experiments
    • Evaluate the effectiveness of proposed IT and OT mitigation strategies in preventing or mitigating the impact of simulated attacks.
    • Analyze the results of experiments and provide recommendations for improving mitigation techniques.
  • Technical Documentation
    • Produce clear and concise slipsheets, technical reports, and presentations summarizing research findings and experimental results.
    • Document IT and OT attack methodologies, mitigation strategies, and testbed configurations.
  • Threat Intelligence and Research
    • Leverage threat intelligence feeds and research capabilities to stay informed about emerging cyber threats and vulnerabilities.
    • Analyze threat intelligence data to identify relevant threats to our OT environment and propose proactive security measures.
    • Use platforms and frameworks to improve and automate threat research.

Qualifications

  • Currently enrolled in a Master's degree program in Cybersecurity, Computer Science, Engineering, or a related field.
  • Familiarity with industrial control systems (ICS) and operational technology (OT) concepts.
  • Understanding of cyber-attack methodologies and mitigation techniques.
  • Knowledge of the MITRE ATT&CK framework, particularly the ICS matrix.
  • Interest in designing and conducting experiments or simulations.
  • Analytical and problem-solving skills.
  • Fluency in English, written and verbal communication skills.
  • Ability to work independently and as part of a team.

 

Preferred Skills

  • Experience with penetration testing or ethical hacking.
  • Knowledge of network security principles and technologies.
  • Familiarity with scripting languages such as Python or PowerShell.
  • Experience with virtualization technologies such as VMware or VirtualBox.
  • Understanding of threat intelligence concepts and tools.

 

This co-op position offers a valuable opportunity to gain practical experience in the field of OT cybersecurity and contribute to the development of innovative mitigation strategies.

 

This is an in-office role based in Norwood, MA.  Temporary relocation support provided for selected qualified candidate.

   

FM is an Equal Opportunity Employer and is committed to attracting, developing, and retaining a diverse workforce. 

 

#LI-TA1

 

What You Should Know About FM Research Cybersecurity Co-op, Factory Mutual Insurance Company

Join FM as an FM Research Cybersecurity Co-op in Norwood and immerse yourself in the exhilarating world of cybersecurity! FM is a leading property insurer, catering to some of the largest corporations globally. As a co-op student, you will be an integral part of our cybersecurity team, focusing on operational technology (OT) environments. Get ready for a hands-on experience where you'll design attack experiments based on the renowned MITRE ATT&CK for ICS matrix. Your journey will include developing and maintaining testbeds to validate cyber mitigation strategies and working directly with various industrial devices and software. You won’t just be learning; you’ll actively evaluate techniques that protect OT environments from evolving cyber threats. Contributing to the creation of technical documentation, you'll delve into the world of threat intelligence, helping us stay ahead of potential vulnerabilities. This role is perfect for someone enrolled in a Master's program in Cybersecurity or a related field, with a keen interest in tackling real-world cyber challenges. With FM, you’ll tap into a wealth of knowledge, improve your skills, and positively impact our business operations by developing innovative security measures. We value a diverse workforce, and our commitment to inclusion ensures you'll feel at home here. So if you're a passionate, detail-oriented individual looking for an exciting entry point into cybersecurity, we can't wait to hear from you!

Frequently Asked Questions (FAQs) for FM Research Cybersecurity Co-op Role at Factory Mutual Insurance Company
What are the main responsibilities of the FM Research Cybersecurity Co-op?

As an FM Research Cybersecurity Co-op, your primary responsibilities include assisting in the development and maintenance of testbeds for cyber mitigation strategies, leveraging the MITRE ATT&CK for ICS matrix to understand cyber threats, and designing experiments to simulate these threats in OT environments. You'll also analyze the effectiveness of IT and OT mitigation strategies and produce clear technical documentation summarizing your findings.

Join Rise to see the full answer
What qualifications do I need for the FM Research Cybersecurity Co-op position?

To qualify for the FM Research Cybersecurity Co-op, you should be currently enrolled in a Master's degree program in Cybersecurity, Computer Science, Engineering, or a related field. Familiarity with industrial control systems, an understanding of cyber-attack methodologies, and knowledge of the MITRE ATT&CK framework are highly beneficial. Strong analytical skills and effective communication abilities are essential for this role.

Join Rise to see the full answer
What types of projects will I work on as part of the FM Research Cybersecurity Co-op?

In the FM Research Cybersecurity Co-op role, you will work on exciting projects such as designing and conducting attack simulations to test our defenses, analyzing the effectiveness of various mitigation strategies, and producing technical documentation and reports. You’ll also conduct research on emerging cyber threats and utilize threat intelligence feeds to identify vulnerabilities specific to our OT environments.

Join Rise to see the full answer
Is previous experience with penetration testing required for the FM Research Cybersecurity Co-op?

Previous experience with penetration testing is not strictly required for the FM Research Cybersecurity Co-op position, but it can certainly enhance your candidacy. Familiarity with network security principles and technologies, along with an interest in ethical hacking and hands-on experimentation, will help you excel in this role.

Join Rise to see the full answer
What skills will I develop during my time in the FM Research Cybersecurity Co-op?

During your co-op experience at FM, you will develop a variety of valuable skills including technical documentation, experimental design, analysis of cyber-attack methodologies, and the application of the MITRE ATT&CK framework. Additionally, you will improve your problem-solving and analytical thinking abilities while gaining practical experience in the cybersecurity field.

Join Rise to see the full answer
Common Interview Questions for FM Research Cybersecurity Co-op
How do you stay informed about the latest cybersecurity threats and trends?

To stay informed about the latest cybersecurity threats and trends, I regularly engage with industry publications, follow key thought leaders on social media, and participate in online forums and community discussions. I also attend webinars and conferences where I can learn about emerging technologies and best practices in cybersecurity.

Join Rise to see the full answer
Can you explain the MITRE ATT&CK framework and its importance?

The MITRE ATT&CK framework is a comprehensive knowledge base that categorizes the tactics and techniques used by attackers. Understanding this framework is critical for cybersecurity professionals as it provides a common language for describing cyber threats and enhances the ability to develop effective mitigation strategies to safeguard environments, especially in the context of operational technology.

Join Rise to see the full answer
Describe a time when you had to analyze a complex problem related to cybersecurity.

In a past project, I analyzed an issue concerning unauthorized access to an asset management system. I gathered logs, identified patterns of access, and cross-referenced them with known vulnerabilities. By synthesizing this information, I created a detailed report on the incident and proposed enhanced access controls to mitigate future risks.

Join Rise to see the full answer
What experience do you have with industrial control systems (ICS)?

I have gained familiarity with industrial control systems during my coursework, where I studied their architecture and security challenges. Additionally, I participated in a simulation project that involved configuring and testing an ICS environment, allowing me to comprehend the significance of securing these systems against emerging cyber threats.

Join Rise to see the full answer
How would you approach designing an attack simulation experiment?

To design an attack simulation experiment, I would first identify the specific attack vector to simulate based on the MITRE ATT&CK framework. Then, I would set up a controlled testbed environment, document the attack scenarios, and execute the simulations. Post-experiment, I would analyze the results to assess the effectiveness of existing mitigation strategies and identify areas for improvement.

Join Rise to see the full answer
What scripting languages are you familiar with, and how have you used them in previous projects?

I am proficient in Python and PowerShell. I have utilized Python for automation tasks, such as data analysis and reporting, while PowerShell has been particularly useful for configuring and managing Windows environments. In my previous roles, these languages allowed me to streamline processes and enhance efficiency in security operations.

Join Rise to see the full answer
What role does threat intelligence play in cybersecurity?

Threat intelligence plays a crucial role in cybersecurity by providing timely and relevant information about potential threats and vulnerabilities. It allows organizations to take proactive measures against emerging risks, enhances incident response capabilities, and supports informed decision-making regarding security strategies and investments.

Join Rise to see the full answer
Explain your understanding of penetration testing and its significance.

Penetration testing is a simulated cyber-attack on a system to evaluate its security posture. The significance lies in its ability to uncover vulnerabilities before malicious actors can exploit them, thus enhancing an organization’s defenses and compliance with security standards. It provides critical insights into improving cybersecurity measures.

Join Rise to see the full answer
How do you prioritize tasks when working on multiple cybersecurity projects?

When working on multiple projects, I prioritize tasks based on urgency, impact, and project deadlines. I assess each project’s requirements and collaborate with team members to ensure alignment and seek guidance when needed. Utilizing project management tools also helps me keep track of progress and manage my time effectively.

Join Rise to see the full answer
What qualities do you believe are essential for a successful co-op in cybersecurity?

Essential qualities for a successful co-op in cybersecurity include a keen analytical mindset, strong problem-solving skills, effective communication, and an eagerness to learn. Being adaptable to changing technologies and threats is also vital, along with a collaborative approach to work with diverse teams towards achieving common security goals.

Join Rise to see the full answer
Similar Jobs
F
Factory Mutual Insurance Company Hybrid New York City
VIEW
Posted 5 days ago

FM Global, a top property insurer, is looking for a dynamic Account Manager to foster client relationships and drive risk management solutions.

F
Factory Mutual Insurance Company Hybrid Johnston
VIEW
Posted 5 days ago

Join FM as a Senior Program and Change Management Consultant and drive organizational success through effective change management and project execution.

Photo of the Rise User
SilverEdge Hybrid Hanover
VIEW
Posted 5 days ago

Join SilverEdge Government Solutions as a Junior Systems Administrator to enhance our IT support and systems management.

Photo of the Rise User
Visa Remote Highlands Ranch
VIEW
Posted 12 days ago
Photo of the Rise User
Visa Remote Austin
VIEW
Posted 12 days ago
Photo of the Rise User
Hajoca Corporation Hybrid Pennsylvania, United States
VIEW
Posted 13 days ago
Photo of the Rise User
Visa Remote Foster City
VIEW
Posted 12 days ago
Photo of the Rise User
Noblis Remote San Diego
VIEW
Posted 10 days ago

Noblis is looking for a Configuration Management Specialist to provide essential support in shipboard technology integration for the US Navy.

Photo of the Rise User
Visa Remote Austin
VIEW
Posted 12 days ago
Photo of the Rise User
Pursuit Collection Remote US, Flathead County, MT; Montana, Columbia Falls, MT
VIEW
Posted 4 days ago

Pursuit is looking for a skilled Food & Beverage IT Applications Analyst to ensure seamless operation of various F&B applications across our restaurant groups.

F Factory Mutual Insurance Company

14 jobs
MATCH
Calculating your matching score...
FUNDING
DEPARTMENTS
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
No info
HQ LOCATION
No info
EMPLOYMENT TYPE
Internship, on-site
DATE POSTED
April 5, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Show me relevant jobs ASK RISA ✨
ABOUT RISE
FOR COMPANIES
REMOTE JOBS & MORE
LOOKING FOR A JOB?
FIND A JOB NEAR ME
POPULAR JOBS
Rise logo
Privacy Policy and Terms of Service
© 2021 Work Rise LLC. All rights reserved.
Proudly made in NYC.
CONNECT
Facebook Instagram LinkedIn Tiktok