Student Employment Program

Real Experience. Real Impact.

The UT-RSOC offers paid, on-campus cybersecurity employment for University of Texas students. Student analysts work directly on real-world cyber defense operations that protect public sector infrastructure across Texas, while receiving top-tier training, mentorship, and a clear path to professional advancement in cybersecurity.

From Zero to SOC Analyst - Powered by Hack The Box

Before joining the operational RSOC analyst team, all students complete a rigorous, multi-phase training pipeline built in partnership with Hack The Box, one of the world's leading cybersecurity training platforms. This hands-on curriculum is tailored to develop real Security Operations Center (SOC) professionals, and includes:

Structured learning paths aligned with real-world SOC workflows
Collaborative "Sherlocks" exercises simulating active threat investigations
Technical report writing, documentation, and peer collaboration
Access to premium red/blue team labs and simulations

To complete the pipeline, students must pass a final certification assessment covering core SOC concepts, tool usage, and investigation workflows.

Unlike programs that teach a single product or rely on vendor playbooks, UT-RSOC students go far beyond "buttonology". They gain tool-agnostic, theory-driven understanding of cybersecurity technologies, learning why tools work, not just how to use them.

Whether working with EDR, SIEM, threat intelligence, or automation platforms, students also explore the backend infrastructure that powers modern SOCs, such as log pipelines, API integrations, and real-time data correlation. This depth of knowledge ensures they can adapt to any environment, and contribute to both operational response and technical strategy.

"Partnering with UT Austin's RSOC on the Threat Range beta perfectly reflects our SLED mission at HackTheBox-bridging education and industry through real-world, hands-on training ecosystem that empowers public institutions and shapes the next generation of cyber defenders. UT Austin's commitment to practical cybersecurity training continues to set the standard for what experiential learning in higher education can look like." - Hack The Box, Public Sector Team

Beyond the SOC: Specialize, Lead, Innovate

At UT-RSOC, becoming a student analyst is just the beginning. For those who demonstrate strong technical skills, leadership potential, and a commitment to growth, we offer advanced opportunities to deepen expertise and take on meaningful roles within our operations.

Students who excel are encouraged to apply to participate in specialty tracks that align with real-world cybersecurity career paths. These tracks offer focused mentorship, advanced training, and the chance to contribute to RSOC initiatives that shape our services and impact across Texas.

Current specialty focus areas include:

Detection Engineering & Automation - Build detection pipelines, automate responses, and simulate real adversaries.
Governance, Risk & Compliance (GRC) - Align policies to NIST and TX-RAMP frameworks, and drive compliance maturity.
Penetration Testing - Simulate real-world attacks, escalate access, and deliver professional-grade reports.
Bug Bounty Hunting - Discover and ethically report live application vulnerabilities on real-world platforms.
Cloud & Infrastructure Security - Harden cloud environments, detect misconfigurations, and automate secure deployments.
Threat Intelligence & Forensics - Track adversary behavior, map threats to ATT&CK, and master digital forensics.

Proven, Transferable Skills That Add Value in Any Industry

UT-RSOC students graduate with more than academic knowledge, they leave with real operational experience, analytical rigor, and professional readiness that translates across cybersecurity, business, and public sector roles.

Through hands-on work, mentorship, and exposure to real-world challenges, students develop the confidence, technical fluency, and problem solving mindset to thrive in cybersecurity, or wherever their career path leads.

Technical Skills:

Monitor, triage, and respond to live security events in real-time
Write and tune SIEM rules, detection logic, and automation playbooks
Investigate threats across network, endpoint, cloud and application layers
Use industry-standard tools
Gain cross-platform expertise and prepare for certifications

Professional Skills

Communicate clearly during investigations and technical briefings
Lead, mentor, and collaborate in high-performance, team-based environments
Translate complex findings for executives and non-technical stakeholders
Manage time, priorities, and expectations in real-world work settings
Contribute to mission-driven operations with accountability and initiative

Certification Opportunities

Prepare for certifications like HTB CDSA, Security+, PCAP, and Splunk Core User
Explore advanced options such as SANS GSEC, GCFA, GCTI, and Microsoft SC-200/SC-900
Gain cloud compliance and knowledge aligned with AWS Cloud Practitioner and GRCP
Offensive security students may pursue eJPT or OSCP based on track performance
Certification exams are not guaranteed but supported through training, mentorship and resources

Student Spotlights

Reflections from RSOC Students

Our students come from diverse academic backgrounds and leave with real operational experience. These are their perspectives on their journey.