From Classroom to SOC: How eSentire Cultivates Cybersecurity Excellence

Cyber threats are rapidly increasing in complexity, and threat actors are relying on phishing-as-a-service (PhaaS) platforms to launch and execute large-scale cyberattacks against organizations. Plus, there's no doubt that the use of AI will only exacerbate the type of threats we'll continue to see in the industry. As these challenges continue to evolve across industries, finding and nurturing top cybersecurity talent is more critical than ever.

At eSentire, we've taken a proactive approach through our Cyber Momentum Program, which has become a cornerstone of our talent acquisition strategy and company culture.

In particular, our SOC Cyber Analyst recruitment strategy is anchored in strong relationships with leading technical institutions across the Waterloo, Canada and Cork, Ireland regions. Through strategic partnerships with local colleges, universities, municipal boards, and not-for-profit organizations, we maintain a consistent pipeline of qualified candidates to support our growing security operations.

Over a Decade of Developing Cybersecurity Talent

Our commitment to student development has deep roots; we launched the Canadian Cyber Momentum Program in 2013, pioneering the approach to identifying promising security professionals early in their careers. Building on the success of the Canadian program, we expanded the initiative to Ireland in 2018, creating a robust global pathway for emerging cybersecurity talent.

What makes this program particularly successful is its mutually beneficial nature. Students gain hands-on experience in real-world security operations, working alongside seasoned professionals in our SOC environment. Meanwhile, we benefit from fresh perspectives and the opportunity to train promising individuals with our specific methodologies and technologies.

Over the years, the Cyber Momentum Program has demonstrated remarkable staying power, evolving alongside our growing organization while maintaining its core mission: discovering passionate individuals who can grow into tomorrow's cybersecurity leaders.

"As a former intern, I can confidently say that the opportunity was far more than a way to gain initial SOC experience. It provided a genuine platform to kick start my career and gradually move into more advanced roles as my skills and experience developed," Shane Twohig, SOC Team Lead in our Cork, Ireland SOC, says. "I was able to continue working part-time while completing my undergraduate degree, which allowed me to stay closely connected to the role and remain up to date with how threats evolved throughout the year. As a result, when I returned to the SOC in a full-time position after graduating, I was able to progress quickly and contribute on a much higher level from the outset."

Moreover, the program serves as an extended evaluation period for both parties; students can not only determine if the cybersecurity industry aligns with their goals but also whether eSentire can help them advance their careers as they've envisioned. On the other hand, we can identify those with the right mix of technical aptitude, problem-solving abilities, and teamwork skills needed to thrive as part of our team.

Building Impressive Careers in Cybersecurity

The internship offers an invaluable opportunity for those interested in pursuing a career in cybersecurity, as it is one of the few programs that makes no distinction between full-time SOC Analysts and interns. Instead, both share the same responsibilities and daily workflows, including performing end to end investigations, directly supporting clients, and supporting other Analysts.

At the end of the internship, participants typically have a choice in how they continue their journey: they can remain part-time while completing their studies, or transition into a full-time role within the SOC as an analyst. Having this level of flexibility is a significant advantage and is a defining feature that makes the program genuinely unique.

The statistics behind our student program highlight its significant impact:

• 78 students have joined our Security Operations Center (SOC) since the program's inception, with 46 in Canada/US and 32 in Ireland.
  • 39 students have successfully transitioned to full-time permanent positions.
• 26 former students remain valued members of the eSentire team today, either as part of the SOC or in other departments.

Half of our students join us full-time after graduation, and most spend several years on our team. We're proud that so many choose to stay and grow with us.

Of course, the true measure of our program's success goes beyond statistics; we've seen students develop their entry-level skills and theoretical knowledge into confident security professionals capable of handling sophisticated threats. Many former interns now hold leadership positions within our organization, mentoring the next generation of security talent.

This is how Mitch Day, SOC Team Lead in our Waterloo SOC, rose to a leadership position as well: "I started as a co-op at eSentire 6 years ago. After my co-op term, I was hired full-time as a SOC Analyst 1. From there, I worked my way up through the SOC, gaining experience across multiple technologies and client interactions. As a Senior Analyst, I worked on investigations, client requests/calls, and helping newer analysts. That final part led me to Team Lead. By having these different experiences, I was able to determine the right career path for me and pursue it. This story is the same for a lot of the tenured staff of the eSentire SOC."

This "full circle" approach creates a positive feedback loop within our organization, strengthening our culture and institutional knowledge while ensuring we remain at the cutting edge of cybersecurity practices.

In Their Own Words: Stories from Our Interns

When I think back to my internship at eSentire, I can say it was both fulfilling and informative. The program allowed for gradual upskilling and learning different investigation tactics by following the same training process any new hire would experience. I believe this approach enabled my fellow trainees and I to gradually apply our learning from university and transition into performing real security investigations.

The internship at eSentire reinforced and built upon our previous learning with unique knowledge and real-world experience. One of the most valuable aspects of the internship for me was that it didn't feel like an internship at all -- it felt like starting a new role.

Shoutout to the eSentire SOC-Analyst co-op program for being a massive part of my growth early in my cybersecurity career. I came in as a student from Ontario Tech University as part of an 8-month co-op term and left with tangible, hands-on experience that translated to the job, beyond just in-class theory.

Through this program, I learned numerous valuable technical and soft skills and often pushed me out of my comfort zone while providing the support I needed. What I love most about eSentire is the team and how collaborative we are. All of this ultimately led to a full-time role. In retrospect, I am amazed at how much I have grown, and this can be attributed to the opportunities and skills I developed at eSentire.

Since then, I have been promoted to Tier 2, which says a lot about how eSentire supports and values employee growth. I came in hoping to be a sponge, soaking up knowledge and wisdom from the team. While my sponge will never be full, I now have the opportunity to share these skills with new analysts joining our team.

If you're a student looking for a SOC/Cybersecurity co-op, you don't want to miss out!

My internship at eSentire has been critical to my professional development. I went from being a student interested in cybersecurity to a full-fledged professional working in the industry. I've worked with hundreds of client environments and their technologies, and I learn something new every day.

Beyond the technical experience, eSentire maintains an excellent work-life balance and runs the SOC efficiently. SOCs are notorious for high turnover and burnout, but eSentire has largely avoided this, providing analysts with what they need to do their jobs while effectively managing stress.

What stands out most at eSentire is employee retention; many people in the SOC have been here for a decade or longer. In an industry where most professionals switch companies and roles every few years, people build their entire careers at eSentire, which speaks volumes about how the company operates and treats its people.

During my internship, I was treated as a full-time employee, not just an intern, and had the same experience as someone beginning a full-time role. I also felt the value of the internship at eSentire was that I was trained on so many different cybersecurity technologies. If I did my internship elsewhere, this likely wouldn't have been the case.

One thing I also valued is that I was able to ask for help no matter what - there was never a stupid question. I was never thrown right into the deep end, and I was trained on each individual service, then given time to get used to it. A big highlight for me was the staff events we got to partake in - things like go-karting and going on a Harbor cruise.

With the continued success of the Cyber Momentum Program in both Ireland and Canada, we remain committed to investing in emerging talent. These initiatives have proven their value not just as recruitment tools, but as fundamental components of eSentire's identity as an organization that develops and retains outstanding cybersecurity professionals.

For students considering a career in cybersecurity, the Program offers more than just work experience; it provides a meaningful first step on a rewarding career journey with a global leader in managed detection and response.

If you're interested in learning more about the Cyber Momentum Program or applying for upcoming opportunities, please visit our Careers page or follow us on LinkedIn.

ABOUT THE AUTHOR

Shane Twohig SOC Team Lead

Based in Cork, Ireland, Shane joined the SOC as an intern in 2018. He has since worked his way through the tiers of analyst before taking on the role of Operations Lead for the SOC. He most recently moved to Team Lead, where he is directly responsible for supporting and managing the team of analysts.