Vulnerability Management Intern

Job Description:

Building trusted markets — powered by our people.

At Cboe Global Markets, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world.

Cboe interns work with a variety of staff across multiple departments and have the opportunity to put their skills to work in their field of interest, while learning about Exchange technology and operations through our robust Options Institute courses.

The three main foundational pillars of our internship program are: develop, educate and network. We want to ensure each of our interns receive a real-world working experience that encourages academic, professional and personal growth.

Candidates should be versatile, eager and able to work in a fast-paced, time-sensitive financial and technical environment. Our interns will have the flexibility of working 2 days remotely, and 3 days in office per week at one of our state-of-the-art offices in Chicago, Kansas City, and New York City. To be eligible for this internship, applicants must be enrolled in a university or college program and should not be scheduled to graduate before December of the internship year. Our internship program runs from June to August and you will wrap up your internship with a final presentation and retreat. Visit our student page for more information about our internship program!

The Vulnerability Management Team-Cybersecurity is hiring a Vulnerability Management intern.

The Vulnerability Management Intern position will provide exposure to the various functions, tools, and activities focusing on reducing Cboe’s attack surface by way of vulnerability management.

Help us identify and patch all the things!  
 

Your responsibilities and learning objectives will be: As part of a strong, dynamic, global security team, the Vulnerability Management Intern will have the opportunity to learn and contribute via a range of opportunities that provide real-world, hands-on cybersecurity experience.

You will gain experience with patchable network vulnerabilities, application security (appsec) vulnerabilities, operating system vulnerabilities, cloud security vulnerabilities, commercial vulnerability scanning tools, segmented network architectures, systems management automation for both Windows and Linux, and IP address management. You will be introduced to metrics reporting and associated technologies in the context of a global organization. You will interact with members of the entire Global Information Security Team along with Network Engineering, Cloud, Windows Engineering and Linux Engineering teams to identify, report, and help solve problems. 

Specific duties may vary based on the experience of the selected candidate, but typical duties within the VMT would include:

• Act on vulnerability findings, spearheading technical communication to resolving teams professionally and accurately 
• Assist with day-to-day operational tasks, such as scan result review, IP asset configuration management (CMDB) accuracy improvement, scan issue resolution, and reporting of vulnerabilities to system owners from scan results leveraging a ticketing system 
• Remain aware of breaking vulnerability news stories by leveraging various threat intelligence feeds 
• Document/improve vulnerability management procedures 
• Identify and act upon automation opportunities that could include API programming and leveraging AI and LLM tooling available in-house
• Collaborate with vulnerability management teammates in other times zones. This does include a small number of meetings off-hours, typically in the evening   
• Perform additional duties and assignments as requested 

The ideal candidate:

• Is currently enrolled in a Bachelor’s or Master’s program in Information Security, Cyber Security, Computer Science, Engineering or equivalent exposure and experience related to these fields and should not be scheduled to graduate before December of the internship year.
• Understands security vulnerabilities in software and systems and comprehends the potential impact if they are left unaddressed
• Should be eager to learn quickly and able to communicate clearly and professionally in English.
• Has base knowledge of security concepts, versed in TCP/IP, common ports/services, and overall networking concepts such as routing, switching and firewalls.
• Is able to perform basic administrative tasks on both Linux and Windows based systems. 
• In addition, should have working knowledge of Microsoft Office products including Excel, Word and PowerPoint. 

You’ll really stand out with:

• Experience in Python and/or PowerShell automating tasks leveraging calls to REST or Graph API’s.
• Hands on experience doing patching and remediation in a corporate environment to enable authoritative communication with remediation teams
• Familiarity with vulnerability scanners such as Nexpose, Qualys, or Tenable, or Cloud Security Posture Management tooling
• Experience automating with Excel, PowerAutomate, Sigma, or Snowflake

Benefits and Perks

• Competitive compensation
• Flexible, hybrid work environment, 3 days in office, 2 days remote, per week.
• 2:1 401(k) match, up to 8% match immediately upon hire.

Some of our employees’ favorite benefits and perks include:

• Daily complimentary in-office lunch from local restaurants
• Endless free coffee and snacks to fuel your workday
• Monthly in office networking events and happy hours
• Associate Resource Groups (ARGs) and affinity groups for support and community building

More About Cboe Global Markets

We’re reimagining the future of the workplace by focusing on what matters most, our people.  Our journey is an inclusive one. We’re investing deeply in leadership programs and career development initiatives that ensure everyone has an equal chance to succeed. We celebrate the diversity in our communities, inside and out, and welcome new perspectives with equity, inclusion and belonging.

We work with purpose, solving problems with ingenuity, collaboration, and a lot  of passion. We’re an engaged and excited team connecting markets across borders and embracing growth in all its forms to achieve incredible outcomes.

Learn more about life at Cboe on our website, LinkedIn, and our student page for more information about our internship program!

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees’ differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status.

#LI-HL

#Hybrid

Any communication from Cboe regarding this position will only come from a Cboe recruiter who has a @cboe.com email or via LinkedIn Recruiter. Cboe does not use any otherthird party communication tools for recruiting purposes.