Job details

FM Research Cybersecurity Co-op

Get a free resume review

FM is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.

We are seeking a highly motivated and detail-oriented co-op student to join our cybersecurity team. The successful candidate will contribute to the continuous development of cyber mitigation strategies for Operational Technology (OT) environments, leveraging the MITRE ATT&CK for ICS matrix. This position offers hands-on experience in designing attack experiments, evaluating mitigation techniques, and supporting the development of testbeds for validating security measures. The co-op student will also be involved in producing technical documentation and utilizing threat intelligence to enhance our cybersecurity posture.

Testbed Support
- Assist in the development and maintenance of testbeds for validating cyber mitigation strategies.
- Interest in configuring and troubleshoot hardware and software components within the testbed environment, including industrial devices (PLC, HMI, DCS, RTU, etc.) and industrial software (e.g. OPC UA/DA, PI, historians, user repositories, firewall management including inspection, etc.).
MITRE ATT&CK for ICS Expertise
- Leverage MITRE ATT&CK for ICS matrix to understand adversarial tactics, techniques, and procedures in industrial control systems.
- Research and propose mitigation strategies to address specific threats identified within the MITRE ATT&CK for ICS framework.
Run Experiments
- Design and document attack experiments to simulate real-world cyber threats against OT environments.
- Focus on attack strategies that are shifting from immediate exploitation to establishing persistent footholds within OT environments.
- Incorporate techniques such as exploiting supply chains and "living off the land".
Analysis of Run Experiments
- Evaluate the effectiveness of proposed IT and OT mitigation strategies in preventing or mitigating the impact of simulated attacks.
- Analyze the results of experiments and provide recommendations for improving mitigation techniques.
Technical Documentation
- Produce clear and concise slipsheets, technical reports, and presentations summarizing research findings and experimental results.
- Document IT and OT attack methodologies, mitigation strategies, and testbed configurations.
Threat Intelligence and Research
- Leverage threat intelligence feeds and research capabilities to stay informed about emerging cyber threats and vulnerabilities.
- Analyze threat intelligence data to identify relevant threats to our OT environment and propose proactive security measures.
- Use platforms and frameworks to improve and automate threat research.

Currently enrolled in a Master's degree program in Cybersecurity, Computer Science, Engineering, or a related field.
Familiarity with industrial control systems (ICS) and operational technology (OT) concepts.
Understanding of cyber-attack methodologies and mitigation techniques.
Knowledge of the MITRE ATT&CK framework, particularly the ICS matrix.
Interest in designing and conducting experiments or simulations.
Analytical and problem-solving skills.
Fluency in English, written and verbal communication skills.
Ability to work independently and as part of a team.

Preferred Skills

Experience with penetration testing or ethical hacking.
Knowledge of network security principles and technologies.
Familiarity with scripting languages such as Python or PowerShell.
Experience with virtualization technologies such as VMware or VirtualBox.
Understanding of threat intelligence concepts and tools.

This co-op position offers a valuable opportunity to gain practical experience in the field of OT cybersecurity and contribute to the development of innovative mitigation strategies.

This is an in-office role based in Norwood, MA. Temporary relocation support provided for selected qualified candidate.

FM is an Equal Opportunity Employer and is committed to attracting, developing, and retaining a diverse workforce.

#LI-TA1

What You Should Know About FM Research Cybersecurity Co-op, FM

FM is looking for a passionate FM Research Cybersecurity Co-op to join our amazing cybersecurity team in Norwood, MA! As a leading property insurer for some of the world's largest businesses, we provide engineering-based risk management and property insurance solutions that help our clients maintain continuity in their operations. In this exciting co-op role, you'll dive into the world of cybersecurity for Operational Technology (OT) environments while getting hands-on experience in designing attack experiments and evaluating mitigation techniques. You'll also assist in developing and maintaining testbeds that validate our cyber mitigation strategies, utilizing the MITRE ATT&CK for ICS matrix to understand adversarial tactics and propose effective solutions. Your role will involve producing technical documentation to summarize research findings, analyzing threat intelligence, and continuously improving our cybersecurity posture. We’re looking for someone currently enrolled in a Master's degree program in Cybersecurity, Computer Science, Engineering, or a related field, with a strong interest in ICS/OT concepts and cyber-attack methodologies. If you have analytical skills, a knack for problem-solving, and a collaborative spirit, this could be the perfect opportunity for you to grow and contribute to our innovative cybersecurity strategies. At FM, we embrace a diverse workforce and are committed to fostering an inclusive environment. Join us and be a part of something more than just work—make a difference in the cybersecurity space today!

Frequently Asked Questions (FAQs) for FM Research Cybersecurity Co-op Role at FM

What responsibilities does the FM Research Cybersecurity Co-op have?

As an FM Research Cybersecurity Co-op, you will play a vital role in developing cyber mitigation strategies for Operational Technology environments. Your responsibilities will include designing and running attack experiments, evaluating IT and OT mitigation strategies, assisting in maintaining testbeds, and producing clear documentation of technical findings. This position is ideal for those eager to gain valuable hands-on experience in the cybersecurity field.