Student Employment Program

Real Experience. Real Impact.

The UT-RSOC offers paid, on-campus cybersecurity employment for University of Texas students. Student analysts work directly on real-world cyber defense operations that protect public sector infrastructure across Texas, while receiving top-tier training, mentorship, and a clear path to professional advancement in cybersecurity.

From Zero to SOC Analyst - Powered by Hack The Box

Before joining the operational RSOC analyst team, all students complete a rigorous, multi-phase training pipeline built in partnership with Hack The Box, one of the world's leading cybersecurity training platforms. This hands-on curriculum is tailored to develop real Security Operations Center (SOC) professionals, and includes:

  • Structured learning paths aligned with real-world SOC workflows
  • Collaborative "Sherlocks" exercises simulating active threat investigations
  • Technical report writing, documentation, and peer collaboration
  • Access to premium red/blue team labs and simulations

To complete the pipeline, students must pass a final certification assessment covering core SOC concepts, tool usage, and investigation workflows.

Unlike programs that teach a single product or rely on vendor playbooks, UT-RSOC students go far beyond "buttonology". They gain tool-agnostic, theory-driven understanding of cybersecurity technologies, learning why tools work, not just how to use them. 

Whether working with EDR, SIEM, threat intelligence, or automation platforms, students also explore the backend infrastructure that powers modern SOCs, such as log pipelines, API integrations, and real-time data correlation. This depth of knowledge ensures they can adapt to any environment, and contribute to both operational response and technical strategy. 

"Partnering with UT Austin's RSOC on the Threat Range beta perfectly reflects our SLED mission at HackTheBox-bridging education and industry through real-world, hands-on training ecosystem that empowers public institutions and shapes the next generation of cyber defenders. UT Austin's commitment to practical cybersecurity training continues to set the standard for what experiential learning in higher education can look like." - Hack The Box, Public Sector Team

Beyond the SOC: Specialize, Lead, Innovate

At UT-RSOC, becoming a student analyst is just the beginning. For those who demonstrate strong technical skills, leadership potential, and a commitment to growth, we offer advanced opportunities to deepen expertise and take on meaningful roles within our operations.

Students who excel are encouraged to apply to participate in specialty tracks that align with real-world cybersecurity career paths. These tracks offer focused mentorship, advanced training, and the chance to contribute to RSOC initiatives that shape our services and impact across Texas.

Current specialty focus areas include:

  • Detection Engineering & Automation - Build detection pipelines, automate responses, and simulate real adversaries.
  • Governance, Risk & Compliance (GRC) - Align policies to NIST and TX-RAMP frameworks, and drive compliance maturity.
  • Penetration Testing - Simulate real-world attacks, escalate access, and deliver professional-grade reports.
  • Bug Bounty Hunting - Discover and ethically report live application vulnerabilities on real-world platforms.
  • Cloud & Infrastructure Security - Harden cloud environments, detect misconfigurations, and automate secure deployments.
  • Threat Intelligence & Forensics - Track adversary behavior, map threats to ATT&CK, and master digital forensics.

Proven, Transferable Skills That Add Value in Any Industry

UT-RSOC students graduate with more than academic knowledge, they leave with real operational experience, analytical rigor, and professional readiness that translates across cybersecurity, business, and public sector roles. 

Through hands-on work, mentorship, and exposure to real-world challenges, students develop the confidence, technical fluency, and problem solving mindset to thrive in cybersecurity, or wherever their career path leads.

Technical Skills:    

  • Monitor, triage, and respond to live security events in real-time
  • Write and tune SIEM rules, detection logic, and automation playbooks
  • Investigate threats across network, endpoint, cloud and application layers
  • Use industry-standard tools
  • Gain cross-platform expertise and prepare for certifications

Professional Skills

  • Communicate clearly during investigations and technical briefings
  • Lead, mentor, and collaborate in high-performance, team-based environments
  • Translate complex findings for executives and non-technical stakeholders
  • Manage time, priorities, and expectations in real-world work settings
  • Contribute to mission-driven operations with accountability and initiative

Certification Opportunities

  • Prepare for certifications like HTB CDSA, Security+, PCAP, and Splunk Core User
  • Explore advanced options such as SANS GSEC, GCFA, GCTI, and Microsoft SC-200/SC-900
  • Gain cloud compliance and knowledge aligned with AWS Cloud Practitioner and GRCP
  • Offensive security students may pursue eJPT or OSCP based on track performance
  • Certification exams are not guaranteed but supported through training, mentorship and resources

Student Spotlights

"The training challenged both my technical and people skills, and helped me grow in both." - Robert

"It's empowering to see how these skills can make a tangible impact." - Aarushi

"The RSOC gave me purpose, I finally feel like something meaningful in cybersecurity." - Arek

"This opportunity gave me the confidence I needed to pursue cybersecurity after graduation." - Matthew

"Now I legally get to hack systems to protect the people around me, it's awesome!" - Krish

"This program shows me how real cybersecurity works, not just theory, but hands-on impact." - Hannah

Apply Here

Applications are currently CLOSED

Thank you for your interest in the UT-RSOC Student Employment Program. Applications are not open at this time, but you can email rsoc@utexas.edu to be notified when the next hiring cycle begins.

Student FAQs

Do I need to be a computer science major to apply? 

Not at all! We welcome students from any major — including liberal arts, economics, public affairs, engineering, and more. If you’re curious, willing to learn, and ready to explore the cybersecurity field, you belong here. 

Is this a job or an internship? 

This is a paid, on-campus student employment position — not an internship. You’ll work as part of our operational RSOC team, gaining hands-on experience with real alerts and real tools. 

How many hours a week do students work? 

Most students work 10–20 hours per week, depending on their availability and class schedule. We’re flexible and prioritize your academic success. 

Can I work at the RSOC if I’m a graduate student? 

We invite all students to apply! Graduate student participation is considered on a case-by-case basis depending on role availability and schedule fit.  

Is this open to UT-Austin students only? 

Yes — applicants must be currently enrolled students at The University of Texas at Austin to be eligible. 

What kind of training do I receive before working in the RSOC? 

You’ll complete a paid, self-paced training pipeline built in partnership with Hack The Box (HTB). It includes hands-on labs, red/blue team simulations, small group investigations, technical writing, and structured skill development. 

How long does the training pipeline take to complete? 

It typically takes 6–8 months. The curriculum is fully self-paced and supported by regular mentorship, checkpoints, and progress reviews. You are paid throughout the training period, and once certified, you'll begin working as an operational analyst.

Are certifications required to apply? 

No — you don’t need any certifications to apply. All students in the program have the opportunity to earn industry-recognized credentials such as HTB Certified Defensive Security Analyst (HTB CDSA), Splunk Core User, Security+, and more. The HTB CDSA certification is required to join the operational analyst team, and we cover the cost of all training and exams. 

What is the HTB CDSA exam? 

The HTB Certified Defensive Security Analyst (CDSA) is a hands-on, lab-based certification from Hack The Box focused on Security Operations Center (SOC) workflows, alert triage, and investigation. It’s the final step in our core training program. 

Do students receive support for other certifications? 

Yes — students who successfully complete the pipeline and begin working shifts are eligible for funded certification attempts for additional credentials like Security+, GSEC, Splunk Power User, and others. 

What kind of work will I do as a student analyst? 

You’ll monitor and investigate real alerts, document technical findings, triage security events, and contribute to real RSOC operations. You’ll also have opportunities to collaborate with threat detection engineers, GRC leads, and security analysts in other specialty areas (e.g., vulnerability management, OSINT, penetration testing). 

Will I be working with real alerts or simulated data? 

During training, you’ll work with simulated and replayed incidents. Once certified, you’ll work with live alerts and real-time operational data. 

Do I get exposure to tools like Splunk, threat intel, SOAR, etc.? 

Yes — you’ll learn how to use Splunk, custom SOAR tools, threat intelligence platforms, vulnerability scanners, and scripting-based automation workflows. 

Can I specialize in areas like GRC, cloud security, or pen testing? 

Absolutely. We offer multiple specialty tracks for students who excel in technical, leadership, or research-focused roles. Current options include GRC, Threat Intelligence, Cloud Security, Forensics, Detection Engineering, and Offensive Security. 

Will I get experience that helps me land a cybersecurity job after graduation? 

The skills you develop in the RSOC — from real-time alert triage to technical writing and hands-on tooling — are directly aligned with what employers in cybersecurity are looking for. While we can’t guarantee a job after graduation, many of our former students have successfully transitioned into roles in government, private industry, consulting, and tech. This experience can absolutely help you stand out in interviews and show up ready on day one. 

Is this a remote position or in-person? 

This is primarily an in-person role due to the nature of the systems and data we work with. Occasional hybrid work may be possible depending on role and responsibilities. 

What if I have classes during my scheduled shift? 

We work with you to build a schedule that complements your academic obligations. Our student team leads understand the importance of flexibility and balance. 

How do I apply? Is there a deadline? 

To apply, email us at rsoc@utexas.edu to express your interest. We recruit on a rolling basis and typically begin onboarding in early August. 

Starting in August 2026, you'll also be able to apply directly through our website, keep an eye on this page for the application link when it goes live!

Can international students work in the RSOC? 

Unfortunately, students on F-1 visas are not eligible for this particular opportunity. Please note that this is not a reflection of student employment at UT, but rather a specific requirement based on the operational and security needs of this role. 

We truly appreciate your interest and encourage you to explore other opportunities on campus that align with your goals and visa status.