Information Security Internship @ Nordstrom
In this blog post, I will talk about my experience and highlights of being an Intern at a major retailer and some details about the program.
Full disclosure: I was getting both paid and receiving college credit for my summer Internship — but I only get credit if I write an essay on my experiences, so I decided to write a blog post for this requirement. Here’s my spiel —
Preface
A little history
I’m currently a rising senior as an Informatics major at The Information School — University of Washington, Seattle. My concentrations are Data Science and IAC (Information Assurance and Cybersecurity) which will set me up with vital skills to be successful in both fields as well as a full-stack Software Developer.
In the summer of 2018 I interned as a Data Analyst at UW medicine — Department of Radiology. I dabbled in the world of data science and learned some valuable soft skills like teamwork, good communication skills, and technical skills that are important for data analytics. Nevertheless, it was still an on-campus job, and it was in a research organization which didn’t give me a “corporate” tech experience where I felt pushed or challenged. I was determined to try an internship position in the Information Security space so I could apply the concepts I learned in class.
The Preparation
No pain, no gain
Thinking about the future, I knew I would be able to find a job much more easily with technology internships on my resume. So, I applied for a lot of opportunities — A LOT. It was a very stressful time and I was constantly on the lookout for the right fit. Although it was an anxious time and I was stressed, during the search I learned a lot of important networking skills, grew my professional network, and honed my communication skills. All the effort finally paid off when I landed an internship as a Penetration Tester (“pen tester”) at Nordstrom, which was exactly what I wanted: A cybersecurity position at a large company with a strong tech infrastructure.
Life @ Nordstrom
The culture
❤ the company culture
On our first day, we had an orientation where I met my co-interns and I connected and networked with them — including the tech interns, the finance interns, and the other interns from other parts of Nordstrom. We were then separated into our respective departments and we had a more detailed orientation about the community standards, company culture, and the intern program. The intern cohort was also very diverse, with 50% of all tech interns being women!
The overall company culture was astounding. I found it to be laid back but productive; competitive but collaborative. There was even a mentorship program for all the interns where we were paired with a member of our team who was there to help and guide us throughout the course of the internship. Our mentor was different from our manager (who was the team leader) so we wouldn’t be intimidated to ask the silly questions. My mentor, Dan, was very helpful and was always supportive. We were also allowed to work from home, but I rarely did because I feel more productive while working in the office.
My manager, Sasha, had a bi-weekly career meeting where he gave me crucial feedback about performance and our work at the office. He also asked how the internship was going, and I felt like this career talk was very beneficial. It was quite informal which made it more comfortable and created a safe space. My manager gave me constructive feedback which helped me understand where to focus on improving.
I also really liked the open culture at Nordstrom. There were Q&A sessions with the president of Nordstrom (Pete Nordstrom), and the CTO (Edmond Mesrobian), and one of the Senior VPs of Technology (JoAnne Kennedy) where we were encouraged to ask as many questions as possible. It was an interesting experience and I learned a lot about the management and corporate side of technology in a retail space.
My team and project
Since I’m in security, I’m under NDA and won’t be able to disclose any technical details! Sorry.
My team was different in a special way. We were the only pen testing team at Nordstrom, so we worked differently compared to other teams. There was another intern on my team who I knew since freshman year in college which made me feel comfortable. Our manager insisted that although we had mentors, we could ask anyone on the team any question as pen testing was a collaborative effort and we needed all hands on deck.
I absolutely loved the team. I felt like I could relate with everyone, the team vibe and culture was very positive, and the whole idea was to have fun while working. I felt welcomed and valued which was missing at my previous internship.
“I learned more in the last 10 weeks that I did in the last 2 years at college” — Grant B.
Our internship wasn’t one of those — grab a coffee, do the repetitive tasks — kind of internship. We were building and testing real tools and features that were being deployed by the company which made my work feel valuable. We were treated as full-time employees and this enabled me to learn a lot, both the obvious and the subtle.
The obvious: I did my first official enterprise pen test, where I discovered multiple real-time vulnerabilities and learned how to collaborate in an agile work environment. I built a real scanning and reconnaissance tool which was deployed. This tool will help the organization be more secure and will aid both the red (attacking) and blue (defending) teams. I also developed additional security skills — especially in Active Directory pen testing, network pen testing, and Linux systems.
The subtle: I learned how the Information Security organization operated, the structure and how features get developed, how teams work, and other essential details. Also being a pen tester greatly improved my patience and (metaphorical) pain tolerance — looking for tiny errors made in code is like looking for a needle in a haystack. I also developed a lot of soft skills like conflict resolution and accountability.
The bonus: My coworkers, Jon, Glenn, and Danny also inspired me to start working on professional certifications and I’m currently studying for the Microsoft Security Fundamentals (98–367) Certification and CompTIA Security+ certification.
Nordstrom also hosted a hackathon over the summer which was focused on event streaming. In less than 2 days our team created a notification feature that will notify customers when items are back in stock. The hackathon gave me a chance to work with some very smart people across the technology organization, outside of security, and see the development process first hand. Btw, our team won 1st place!
The End
The last 10 weeks flew by so quickly. Looking back, it felt as though I joined Nordstrom just a couple of weeks ago. There were some stressful times but looking back now, I felt like the last 10 weeks were very productive. I made some really good friends, networked a lot, and made many meaningful connections and contributions which gave me a sense of satisfaction and accomplishment — qualities I look for when I work.
I’m looking forward to my final year at UW and I will hopefully be back at Nordstrom next year!
Thanks for reading. Please let me know if you have any questions, and definitely feel free to share, comment and like the post to show appreciation! :)
