Job Posting Title:

Senior Student Cybersecurity Engineer - Nuclei/Scavenger Development UT RSOC

----

Hiring Department:

Information Security Office

----

Position Open To:

All Applicants

----

Weekly Scheduled Hours:

40

----

FLSA Status:

To Be Determined at Offer

----

Earliest Start Date:

Ongoing

----

Position Duration:

Expected to Continue

----

Location:

AUSTIN, TX

----

Job Details:

General Notes

The Information Security Office (ISO) assures the security of the university's Information Technology (IT) resources and the existence of a safe computing environment in which the university community can teach, learn, and conduct research. Additional information about ISO can be found here: https://security.utexas.edu/

As part of ISO, the University of Texas Regional Security Operations Center (UT RSOC) will be focused on delivering a variety of cybersecurity services to various non-profit and/or government funded entities throughout the state (e.g., ISDs, municipalities) to raise awareness, improve security posture and resilience, etc. for entities that otherwise might not have much to work with.

This position requires you to maintain Internet service and a mobile phone with voice and data plans to be used when required for work.

Must be authorized to work in the United States on a full-time basis for any employer without sponsorship. 

Purpose

Support the UT RSOCs Attack Surface Intelligence program by developing and testing custom Nuclei detection templates for Scavenger, a proactive scanning tool that identifies vulnerabilities and misconfigurations in Texas public-sector infrastructure. 

Responsibilities

• Develop and Maintain Nuclei Detection Templates: Author custom YAML-based detection templates for use with the Nuclei vulnerability scanner. These templates identify misconfigurations, outdated software, and emerging threats by referencing CVEs and threat intelligence. Templates should follow consistent standards for naming, metadata, logic flow, and detection quality.
• Test and Validate Template Behavior: Run and debug templates in isolated environments such as labs or staging instances to validate behavior, reduce false positives, and ensure no disruptive or unsafe scanning. Testing should be repeatable and documented. Students will also review scan output to refine template logic and increase detection accuracy.
• Integrate Templates into Scavenger Pipeline: Work with RSOC engineers to incorporate validated templates into Scavenger, UT RSOC’s custom scanning framework. Ensure templates are formatted for compatibility, include appropriate tagging and version control, and are regularly updated as threat conditions evolve. Templates will become part of production scanning infrastructure.
• Participate in Threat Research and Intelligence Sprints: Conduct focused weekly or biweekly research on CVEs, public vulnerability feeds, GitHub PoCs, and emerging threats. Identify gaps in existing Nuclei coverage and propose new detection logic. Students will learn to prioritize threats based on relevance to the Texas public-sector landscape and infrastructure.
• Collaborate on Detection Use Cases and Reporting: Join RSOC team discussions to review scan results, investigate false positives, and adapt templates to improve signal-to-noise ratios. Share findings in structured reports. Maintain clear documentation of each template’s purpose, use case, expected behavior, and operational impact to support internal review and reproducibility.
• Contribute to Documentation and Continuous Improvement: Maintain structured records for each detection artifact, including YAML syntax details, expected output, tested services, and change history. Help improve the template lifecycle process by identifying friction points and proposing solutions. Collaborate via GitHub and contribute to internal wikis or SOPs.

Required Qualifications

• U.S. Citizen, resident, or officially recognized asylee - Applicant selected will be subject to government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position.
• Currently enrolled as a UT Austin undergraduate student 
• Demonstrated interest in cybersecurity, penetration testing or threat detection
• Familiarity with the Nuclei tool or YAML-based templates
• Understanding of web vulnerabilities (e.g., OWASP Top 10, common CVE’s)
• Ability to work independently and meet deadlines
• Strong attention to detail and clear documentation habits.

Relevant education and experience may be substituted as appropriate.

Preferred Qualifications

• Experience with scripting (Python, Bash) and Git/GitHub workflows.
• Prior exposure to vulnerability scanning pipelines or bug bounty-style recon.
• Knowledge of HTTP/HTTPS protocol behaviors, API endpoints, or fingerprinting techniques.
• Strong written communication and an interest in automation tooling.

Salary Range

$22.00 + depending on qualifications

Working Conditions

• May work around standard office conditions
• Repetitive use of a keyboard at a workstation
• Use of manual dexterity

Materials

• Resume/CV
• Letter of interest

Important for applicants who are NOT current university employees or contingent workers: You will be prompted to submit your resume the first time you apply, then you will be provided an option to upload a new Resume for subsequent applications. Any additional Required Materials (letter of interest, references, etc.) will be uploaded in the Application Questions section; you will be able to multi-select additional files. Before submitting your online job application, ensure that ALL Required Materials have been uploaded.  Once your job application has been submitted, you cannot make changes.

Important for Current university employees and contingent workers: As a current university employee or contingent worker, you MUST apply within Workday by searching for Find UT Jobs. If you are a current University employee, log-in to Workday, navigate to your Worker Profile, click the Career link in the left hand navigation menu and then update the sections in your Professional Profile before you apply. This information will be pulled in to your application. The application is one page and you will be prompted to upload your resume. In addition, you must respond to the application questions presented to upload any additional Required Materials (letter of interest, references, etc.) that were noted above.

----

Employment Eligibility:

Please make sure you meet all the required qualifications and you can perform all of the essential functions with or without a reasonable accommodation.

----

Retirement Plan Eligibility:

Students in this position may choose to enroll in the UTSaver voluntary retirement programs.

----

Background Checks:

A criminal history background check will be required for finalist(s) under consideration for this position.

----

Equal Opportunity Employer:

The University of Texas at Austin, as an equal opportunity/affirmative action employer, complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions.

----

Pay Transparency:

The University of Texas at Austin will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

----

Employment Eligibility Verification:

If hired, you will be required to complete the federal Employment Eligibility Verification I-9 form.  You will be required to present acceptable and original documents to prove your identity and authorization to work in the United States.  Documents need to be presented no later than the third day of employment.  Failure to do so will result in loss of employment at the university.

----

E-Verify:

The University of Texas at Austin use E-Verify to check the work authorization of all new hires effective May 2015. The university’s company ID number for purposes of E-Verify is 854197. For more information about E-Verify, please see the following:

• E-Verify Poster (English and Spanish) [PDF]
• Right to Work Poster (English) [PDF]
• Right to Work Poster (Spanish) [PDF]

----

Compliance:

Employees may be required to report violations of law under Title IX and the Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act (Clery Act). If this position is identified a Campus Security Authority (Clery Act), you will be notified and provided resources for reporting. Responsible employees under Title IX are defined and outlined in HOP-3031.

The Clery Act requires all prospective employees be notified of the availability of the Annual Security and Fire Safety report. You may access the most recent report here or obtain a copy at University Compliance Services, 1616 Guadalupe Street, UTA 2.206, Austin, Texas 78701.