SOC-in-a-Box: GuidePoint Security Project-Based Learning Program

The Commonwealth Cyber Initiative (CCI) is partnering with GuidePoint Security to recruit up to five apprentices to create a “SOC-in-a-Box,” a scalable and deployable lab environment for cybersecurity practitioners to practice and hone their skills.

Recruitment has closed.

Project Overview

The created environment should include all essential elements of a Security Operations Center (SOC), including a log aggregation platform, case management system, basic active directory ecosystem, and a host-based detection tool. 

The deployment and configuration of this lab and its parts should be automated using Infrastructure as Code (IaC) solutions. 

This project will expose students to technologies they’ll encounter in the cybersecurity field while providing insight into such roles as:

• Incident response analyst.
• Threat intelligence specialist.
• Detection engineer.
• Adversary emulation specialist.

What You’ll Do

Apprentices will work as a team, establishing a routine and communication practices for internal interactions. 

Participants will:

• Design and deploy an environment with five or more virtual machines connected to an active directory using IaC.
• Write a script to simulate typical user activity on end-user devices, imitating normal network traffic.
• Install a host-based detection solution on end-user devices. 
• Deploy a vulnerable web server that can be attacked by machines on the network.
• Set up a SIEM (security information and event management), collecting appropriate data from systems on the network.
• Set up a SOAR (security, orchestration, automation, and response) solution with basic case management.  
• Generate malicious activity, attacking the vulnerable web server to test case management.
• Provide weekly updates on project status. 

What You’ll Get

Selected students, who can participate in the project for one semester or one academic year, will:

• Receive up to $2,400, depending on hours worked and requirements met.
• Work on real-world cybersecurity scenarios/projects.
• Be mentored by GuidePoint Security professionals.
• Get access to approved systems (for example, a VPN).
• Receive materials required to complete the project.
• Enhance such soft skills as communication, critical thinking, time management, problem solving, adaptability, and teamwork.
• Network with students, faculty, and CCI partners.

Office hours for questions and information will be held on Fridays from 11 a.m. to noon ET for the duration of the project.  

In addition, participants will be invited to attend optional internal training sessions hosted by GuidePoint Security professionals. Sessions take place at various times throughout the week and cover a wide range of topics. 

In previous project-based learning programs, students have attended sessions on:

• Application Security Assessments
• Linux Fundamentals
• Automating Pentesting
• Working in the Federal Space
• Technical Interview Prep

Eligibility Requirements

To be considered for selection, candidates must:

• Be a U.S. citizen
• Currently studying at a Virginia institution of higher education
• Have completed one academic year.
• Have declared their major in a cyber or cyber-related field.
• Commit to staying in the program from Jan. 21 to April 11, 2025.
• Attend the virtual project kick-off meeting on Jan. 21, 2025.
• Be enrolled in cyber or cyber-adjacent courses.
• Demonstrate an interest in cybersecurity (e.g. does Hack the Box or other online CTF-style activities, has a home lab, cyber club, etc.).

The most qualified candidates will have taken a class in, or have experience with:

• Security operations or a Security Operations Center (SOC).
• Cloud technologies.
• Coding or scripting.

Selected candidates must:

• Work on the program for a maximum of 2 to 8 hours a week.
• Meet four days a month with GuidePoint Security. Meetings will be scheduled in advance and will be conducted virtually.
• Provide their own equipment, including a computing device with a working microphone and video.
• Have access to a stable internet connection.
• Inform their university/college advisor of project participation.
• Provide CCI with PI/advisor name, title, and email.

Commitment Requirements

Participants must:

• Attend the virtual project kick-off meeting at 11 a.m. ET on Jan. 21, 2025.
• Attend weekly virtual meetings on Tuesdays at  noon ET from Jan. 28 to April 8, 2025. The Feb. 4 meeting is subject to change due to a corporate holiday.
• Present their final project deliverables on April 11, 2025 (time TBD, based on students’ schedules).
• Work as part of a team to complete project-related tasks.
• Work on the program for a minimum of 2 to 8 hours per week.
• Notify their school advisor about their participation in the project.

Project Schedule

The sessions will take place in 2025. All times are ET. All sessions will be conducted virtually via ZOOM.

Expectations and Repercussions

This project presents a professional opportunity for students, who are expected to conduct themselves in a professional manner. Attendance at meetings and active participation in project-related tasks is required.

Students can be dismissed from the program if they fail to:

• Attend eight out of 10 weekly update meetings.
• Attend the virtual kickoff session on Jan.  21.
• Actively participate in project-related tasks.
• Refuse or fail to work effectively with their team partners.
• Attend mandatory meetings and participate in project-related tasks.

Advisors will be notified once via email that a student is in danger of being dismissed. 

Failure to resolve attendance and participation issues will result in dismissal, and the student and advisor will be notified.

For more information, contact CCI's Kendall Beebe at kwbeebe@vt.edu.