Making Yourself Competitive for Internships in Computer Science

To all the students out there majoring in Computer Science feeling like they don't have any skills and don't know what direction they want to head in, this one is for you.

For a little background on what inspired me to write this article, please read my first article on the topic Majoring in Computer Science: What I Wish Someone Had Told Me Sooner.

The TL;DR for that article is: whether you like it or not, you're going to have to put in some hours outside the classroom if you want to be competitive. I want to help you spend your time efficiently and get you heading in the right direction, because if someone had helped me figure this out a little sooner, it could have opened so many doors for me.

The Three Most Important Things To Keep In Mind

1. You may have to take a less prestigious position starting out. Take that internship offer for that no-name company and excel in the position! It may not be Facebook, Google, or Amazon, but it will definitely teach you, help you grow, and introduce you to talented people working in your field. Don't look down on smaller, less prestigious companies who are offering you an opportunity. Take it and run with it!
2. Be patient with yourself. It might take you longer than someone else to learn a certain concept or to complete an assignment or project, but keep in mind that finishing something quickly doesn't make it better! Take your time to learn it and do it right the first time, even if takes you twice as long as someone else.
3. You can always change your mind. Always. Just because you wrote an Android application and that's all you have in your portfolio, doesn't mean you need to be an Android developer forever.

Figuring Out What You Want To Do

This is a big one. For someone like me, everything seems cool! There are endless possibilities in Computer Science. Every day I read an article about an amazing new technology or a possibility for research and I think to myself, "Man, that sounds awesome. I'd love to do that!" If you're an innately curious person, you may find yourself doing the same thing. While this curiosity is awesome for learning, it can backfire when you are internship hunting. Dabbling in too many different things can make you a jack of all trades but a master of none. Unfortunately, companies are really obsessed with you already having certain qualifications so you've got to narrow it down if you want your skills to give you a competitive advantage. Here's what I suggest:

1. Make a list of 3-5 different fields in Computer Science that interest you or even a topic you have heard about, but don't know what it means. These can be general, like Cyber Security, Machine Learning, Computer Graphics, etc.
2. Watch some basic YouTube videos, read job descriptions, and look up class syllabi at your school, to get information related to each of those fields and help you get a better understanding of what they involve. Spend no more than 15 minutes on each topic. It's just an introduction.
3. Reorganize your list in terms of what interests you most, and what you want to explore first!

At this point, you should have a list of no more than 5 topics that you want to explore. The list should be ordered by priority. What are you most interested in exploring first? A reminder again that you can change your mind later and reorder your list accordingly. No big deal.

I'm going to talk you through the next part by using an example. Just assume that I've only done the quick 15 minute background research described above. After doing so, I had Cyber Security at the top of my list. During my background research, I wrote down a few topics and buzzwords. I don't know what they mean (yet), but they came up in my quick google searches and in reading some job descriptions for cybersecurity internship postings. I strongly recommend looking at the job descriptions for your most coveted internships and seeing what they list as qualifications or as "bonus" skills. Write those things down.

In a notebook I keep, I had written down penetration testing, web application and browser security, and networking protocols. Now take 15 minutes for one of your buzzwords and dig a little bit deeper into what the word means and/or requires. The name of the game here, is to start small and don't worry about getting too technical. Set a time limit (15-30 minutes). If you hit your time limit, but you haven't gotten much out of the word you started with, switch to a new buzzword. I want to walk you through my thought process. To keep the example pretty short, I'm going to continue by looking only at the web application security buzzword.

Here's How I Went About Exploring This Topic

While looking up web application security, I kept coming across the term OWASP and I noticed that "OWASP Top 10" was listed in an internship posting at Salesforce. I wrote both of these down. I Googled "OWASP Top 10" and pulled up a site with an "OWASP Top 10 Cheat Sheet". It felt like I struck gold, a huge numbered list of all the relevant information. I clicked the first bulleted list item, and boom, a new page with tons of new information, and another numbered list of all the relevant details and links. I started with the first link, reading some information, clicking a new link, and pulling up a new page, which then led me to a new page with even greater detail. All the sudden there are 15 tabs open in the browser and I can't remember where I started. This is not going to be an effective strategy and it's usually how we go astray when trying to learn something new. The problem is not having a clearly defined objective.

So here's what I should have done instead. As soon as I saw the term OWASP repeated both in web application articles and in an internship posting I was interested in, I should have written down immediately what OWASP stands for, Open Web Application Security Project. There's no need to go diving into the OWASP documentation, the name alone gives me an idea of where I'm headed and how this term relates to what I'm looking for. Next, I should have looked up what the "OWASP Top 10" is before clicking on links in the list. According to this source it's "is a powerful awareness document for web application security." Without looking any further, I can tell this isn't a new API or software tool I need to learn, it's a document I should explore. This tells me I'm going to need to find a way to incorporate the information in this document into a mini-project of some kind so that I can showcase my understanding of these security concepts. After all, I'm trying to build a portfolio of work I can show off. Instead of going down the link clicking rabbit hole, I now have a clear objective in mind: incorporate best practices for web application security (from the OWASP Top 10) into a small scale project to showcase my understanding of web application security fundamentals. Now I have a clear direction to go in and a well defined objective for a project.

You Have An Objective, Now What?

Now that you know what you want to center a project around, it's time to figure out how best to implement a project. Start by having a moment of reckoning with yourself. Here's what that looked like for me. I looked at the OWASP Top 10 and realized it's a 25-page long document. I can't possibly digest all of that information and turn it into a meaningful project. I need to start small by setting an achievable, reasonable goal for myself, so this means I'm going to have to break it down even further than the Top 10 list.

I skim the 25-page document until I find the list of the top ten web application security risks. I choose the first one, "Injection". The document says, "Injection flaws, such as SQL, NoSQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query." Identify any familiar terms like query, SQL, etc. Query and SQL, I've come across before so I know I'm likely to be looking at something to do with databases. Thinking like this is important because it helps you begin to connect the different terms, concepts, tools, programs, and languages that you'll come across in Computer Science. If you don't recognize anything in that description, try reading the description on some of the other terms and looking for something familiar. It might make it easier to build your project if you have a little bit of background.

Take some or one of the keywords you've been looking at, type them into a Google search, and add "tutorial" to the end. I searched "SQL Injection Tutorial" in the hope of finding a concrete example I could walk through to understand what injection is. The first link that comes up is this awesome example! The tutorial walks you through the basic concepts behind injection and shows you how bad the consequences can be if you don't protect against it. I didn't have to set up a new development environment, learn a new programming language, or set up my own server and database to attempt to hack. I understood that I wasn't at that level yet, and I needed to digest a smaller piece of the puzzle first. So now I have walked through this cool example of SQL injection. I've seen an injection in progress and learned some basic SQL syntax. Now what?

In my next piece in the series, I want to help you harness the power of these mini-projects and use your resources effectively to showcase what you're learning and working on. Until then, try practicing what I suggested here on a topic of interest and completing your own mini-project. Remember these main ideas as you're sitting down to start:

• Break things down into smaller, more manageable chunks. When you think you have a reasonable goal, break it down again. You can't know what you don't know. Something that might sound really simple and easy to you, may actually be significantly more time consuming and complex than you realize. To avoid becoming too frustrated later on, force yourself to dissect a topic down to the most simple keywords. Doing so will help you start to build your skills much faster.
• Remember that you aren't going to conquer an entire field in one sitting. Progress may be slow, and that's okay! It takes time to build up your skill set and you have to do it in small chunks. In my example above, I learned some basic syntax and a new concept called injection. It's one of hundreds of potential security vulnerabilities, but by focusing on one and getting a good understanding of it, I can show a company that I am both interested in learning about vulnerabilities, able to learn about them independently, and capable of learning new ones.
• The hardest part is not the project, it's defining the objective. My example above probably sounds trivial when you read through it, but when you start looking at your own topics of interest, it's very easy to go off the rails and end up with no clear plan or objective. Really force yourself to identify and define, preferably in writing, what it is you hope to accomplish and how that helps you move forward.
• You may realize you don't like something or are interested in something else along the way. Change your list accordingly! This is the process of discovering what you are interested in. It will most certainly change over time and as you gain a better understanding of topics in this field. Don't be afraid to go back to square one.
• Write things down. I can't stress this enough. Keep a notebook (physical or electronic) that has all of your discoveries, project ideas, keywords, and concepts in it. Writing something down in your own words is the best way to test your understanding and help you remember it.

I used to think I would never be able to figure out what I was interested in unless I had an internship or some kind of professional experience first. That's just not true. We have tons of information available to us online and through our university resources. You just have to train yourself to use these resources effectively! Achievable goals, manageable mini-projects, and some killer branding will help you step your game up.

I'd like to know what's working for you. Are you defining your project objectives before you start? How are you approaching your side projects? Are you completely lost still and need more guidance? Drop a comment below. There's a great community on LinkedIn who will be happy to help you!

Until next time!