Contributors:
Derrel Immanuel
Ethan Kanasan Debendra
Introduction
LGMS is a leading cybersecurity firm that specializes in services such as penetration testing, compliance audits, and digital forensics. With a strong mission to enhance organizational security through ethical and professional practices, LGMS has built a solid reputation both locally and internationally. Headquartered in Subang Jaya, the company also offers valuable internship opportunities for students looking to gain real-world exposure in the cybersecurity industry. In this blog, we’re hearing from Derrel Immanuel and Ethan Debendra, who recently completed their internships at LGMS. They’ll be sharing their journey, key takeaways, and what it was like to be part of the LGMS family. Let’s get started!
What is your role and your responsibilities?
Derrel: I was a Cyber Security Intern in one of the Penetration Testing teams under the Technical Department. As interns, we basically had to be ready to jump in and help our seniors with whatever tasks came up. One of the common things we handled was writing penetration testing and configuration security assessment reports. Each type of test had its own report template, so we just followed that to document all the vulnerability findings. I got a bit lucky with my team where they were also working on research and creation of security hardening checklists for databases and network switches, so I got to be part of that too.. Since it was only a 3 month internship, I didn’t get to do much hands-on stuff, but I still managed to do a few. I helped with post-penetration testing on a client’s web service, performed wardriving at client site, did reconnaissance on targets for red teaming exercise, drafted phishing email scenarios, and even helped verify compliance status for host and database security configurations. Thanks to my team lead, who was kind enough to let me get involved in some hands-on tasks before I wrapped up just to make sure I got a little taste of everything.
Ethan: I was a penetration testing intern in the technical team. My main role includes but is not limited to completing various kinds of penetration testing and security configuration reports, as well as learning and observing penetration testing processes from my team. Due to a short period of my internship of 3 months, my technical assessments tasks were very limited, but to those who are having an internship period of 6 months or more, hands-on technical assessments are most likely to be given as tasks. Throughout my internship, I have also helped out other departments like HR and Marketing to complete various tasks as well when I have no tasks on hand.
Why did you join LGMS?
Derrel: To be honest, when I was applying for internships, it wasn’t easy. Out of around 15 to 20 companies I applied to, only LGMS and one other cybersecurity firm actually responded. After the interviews, I was lucky enough to get offers from both. But I decided to go with LGMS because the other company’s job scope didn’t really match my interests, while LGMS’s focus on offensive security sounded way more exciting to me. The interview at LGMS was also conducted in person, and honestly, I kind of fell in love with the office environment. Even though LGMS offered a slightly lower allowance compared to my other offer, I chose to prioritize my interests over pay and looking back, I’m really glad I did.
Ethan: At first, I wasn’t familiar with the company, as I heard about it from a friend and decided to apply for an internship there. To be honest, I chose LGMS because they were the first to respond to my application. However, after doing some research, I discovered that LGMS is one of the well-known cybersecurity firms in Malaysia, serving clients both locally and internationally, and decided to give it a try.
What did your day-to-day look like?
Derrel: I would reach the office at 9:30 a.m., and everyone in my team had to update what they would be working on for the day before we started doing anything. I’d grab a cup of coffee (no coffee, no life) before starting on my assigned tasks. Meanwhile, if I were on standby, I’d do HackTheBox labs or socialise with my team members to learn about the security assessment they are working on. I’d follow my colleagues for lunch, and after that, I’d occasionally join in for pool games at the office. Every Monday and Thursday, there would be a team sync-up meeting to update what’s done, what’s ongoing, and what’s next. I usually leave the office around 6:30 p.m. to head home.
Ethan: I would arrive at the office at 9.30, checking in with the team for any assigned tasks, and if there is none, I will just complete modules on HacktheBox. Besides that, I would usually observe and learn about the assessments my team members are doing, and have random conversations as well. During lunchtime, I would play some pool and racing sim with my colleagues after lunch. We will have a team meeting at the end of the week to go through the tasks and projects that everyone is working on.
What were the challenges you faced and how’d you overcome them?
Derrel: Getting adapted to their reporting format was a bit difficult at first because it was a lot more technical and detailed compared to our MMU assignment reports. I cleared my doubts with my seniors whenever I got stuck on any part of the report. Another challenge was picking up essential knowledge of security tools like theHarvester, amass, and Burp Suite within a short time to complete the tasks given. I mostly relied on internet resources, tool documentation, and ChatGPT to self-learn and debug issues. I’d only approach my seniors for help when I ended up in a real rabbit hole. One valuable thing I learned was to ask questions with opinions. My seniors taught me that doing so helps to understand concepts faster.
Ethan: At first, I was a little lost on the report formatting of the company, but that was clarified and solved within the first week of my internship. Other than that, I did not face any major challenges, as communication within the team was smooth and the work environment was very positive. Even members from other teams were always willing to help whenever I had any issues.
How did you prepare for the interview?
Derrel: I just learned about the company’s services, went through basics of Cyber Security concepts I have learned and did a reflection on how my strengths can contribute to the company.
Ethan: I didn’t prepare too much for the interview, I just read up about the company before the interview and did my due diligence about what might possibly be asked.
What was your greatest achievement in LGMS?
Derrel: It has to be definitely finishing quality tasks on time and automating time-consuming work using Python scripts to get things done more efficiently and quickly. Another notable achievement was my contribution to the research and creation of security hardening checklists for specific network switches.
Ethan: Being able to complete all my given tasks within the deadline and being exposed to not only technical work but to other departments as well. By getting to know people from other departments and engaging in meaningful conversations with them, I was able to understand the job scopes of different departments and how they work together to contribute to the company’s overall success.
Were there any fun events or social activities at LGMS?
Yes, there were quite a few social events during our time in LGMS. We were fortunate as we joined when the office had just undergone renovation; hence, there was a “Welcome Back” buffet breakfast by the time the renovation was completed. The entire company also celebrated the CEO’s birthday with a mini birthday party at the office. Besides that, we attended a movie night at Aurum Theatre TRX, which was organized by HR. Quarterly team-bonding activities will also be organized among your own teams if you join at the right time lol, but teams also usually plan their own dinners and hangouts from time to time. Every Wednesday, there will also be a badminton session among employees as well.
Would you guys recommend LGMS to your juniors or batch mates?
Of course…More than what knowledge you possess in Cyber Security it’s far more important to have proactiveness, curiosity to learn and the willingness to adapt. That’s exactly what LGMS values most in its interns. If you think that you have the passion to explore offensive security and the mindset to constantly improve, then LGMS is the perfect place for you to start your journey.
Anything else you’d like to add?
Picture of Derrel Immanuel and his team at the entrance area of LGMS
LinkedIn Profiles
IT Society MMU Cyberjaya 
Leave a comment