This opportunity is based in Lausanne

(Master Thesis) Enhance SIEM Detection and Response Capability


As cyberattacks are becoming more advanced in sophistication and more frequent, it is crucial to have incident response capabilities for fast detection and remediation.

In this internship, you will join the Security Team of ELCA Cloud Services and will be working on our opensource SIEM. You will extant the coverage of the servers monitored by the SIEM and you will develop detection features and implement them. You will enrich the SIEM with global threat intelligence and create new correlation rules to match custom use cases.

In this role

  1. Enriching log collection with new sources and events,
  2. Defining new use cases and setting alerting levels,
  3. Setting up a platform to centralize security alerts and preparing playbooks for fast and efficient answer,
  4. Integrating the SIEM with external tools.

Additionally, it is expected to implement auto-response features.

What we offer

  • A dynamic work and collaborative environment with a highly motivated multi-cultural and international sites team
  • Personal development through training and coaching
  • A culture of collaboration across all disciplines
  • The chance to make a difference in peoples’ life by building innovative solutions
  • High innovation and research backed up by collaboration with universities like EPFL
  • Various internal coding events (Hackathon, Brownbags), see our technical blog
  • Monthly After-Works organized per locations
  • Good work-life balance (2 days per week from home)

About your profile

  • Good foundation in networks and network security.
  • Offensive knowledge.
  • Good knowledge in operating systems
  • Knowledge in scripting language

If you are INTERESTED in applying for this position, please send us your complete application (CV, cover letter, letter of reference, diplomas and certificates).

By continuing to browse this site, you accept the use of cookies or similar technologies whose purpose is to produce statistics on visits to our site (tests and measurement of visitor numbers, visit frequency, page views and performance) and to offer you content and promotions which will be of interest to you.

Our cookie policy has been updated. Please feel free to manage your preferences.


Manage your cookie preferences

Update your cookie preferences

Find out about the type of cookies stored on your device, accept or block them for the entire site, all services or on a service-by-service basis.

OK, accept all

Disable all

Visitor flow

These cookies provide us with insight into traffic sources and allow us to better understand our visitors anonymously.

(Google Analytics and CrazyEgg)


Sharing tool

Social media cookies allow content sharing on your preferred networks.



Visitor understanding

These cookies are used to track visitors across websites.

The intention is to enable us to offer more relevant, targeted content to existing contacts (ClickDimensions) and display ads that are relevant and engaging for users (Facebook Pixels).


For more information about these cookies and our cookie policy, click here