Tevora
Consultant Development Program (Fall)
Tevora, Fairfax, Virginia, United States, 22032
Consultant Development Program
at Tevora
Irvine, CA and Fairfax, VA - DC Local
Oct 14th, 2024, to December 13th, 2024.
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?We are pleased to announce we are entering into our Fall Cohort for our Consultant Development Program. Our program is an immersive paid-training program designed to help you strengthen the technical and professional skills you'll need to enter the workforce as a full-time Information Security Associate. Our anticipated start date of this cohort will begin on Oct 14th, 2024, to Dec 13th, 2024.
Tevora University & Mentorship ProgramPractice Disciplines and Consultant 101 taught by Managing DirectorsTaught curriculum involves independent study and hands-on project work with mentoring from experienced Consultants and Practice LeadsA day in the life could include:
For the practice areas that you choose to explore, your expected activities and responsibilities include:
Research emerging information security risk, privacy, and compliance topics for white papers and knowledge sharingAnalysis of client organizations to investigate and identify information security risks and security control vulnerabilitiesAssist with researching risk treatment and vulnerability remediation for client reportsJoining interviews with various clients' subject matter experts to assist in data collectionAssist in template and procedure creation for Compliance and Risk solutionsAssist in report writing and delivery of client reportsLearning about National and International standards, frameworks, and legislations that govern the industry, such as ISO 27000, SOC, HIPAA, PCI DSS, GDPR, and NIST.Please review our different practice areas:
Federal (FED)
Work with organizations connected to the Federal Government, such as defense contractors, financial institutions, and telecommunication systems, to develop and maintain information security programs that adhere to the standards of the Federal Government.Conduct assessments, develop Governance programs, and provide General Advisory Services to help navigate Federal Government standards including:
Federal Information Security Management Act (FISMA)Federal Risk Authorization Management Program (FedRAMP)Defense Federal Acquisition Regulation Supplement (DFARS)North American Electric Reliability Corporation (NERC)New York State Department of Financial Services (NYDFS) Cybersecurity Maturity Model (CMMC)State Risk Authorization Management Program (StateRAMP)
Solutions (SOL)
Plan technical execution plans to meet business requirementsGather requirements to complete execution plansExecute on previously designed plansDocument execution procedures and provide professional insights into technologies involvedAssist Consultants with client engagementsEnterprise Risk Management (ERM)
Aid in the development and maintenance of Enterprise Risk Management programs for organizations across all industriesConduct Enterprise Risk Assessments and analyze potential exposure at a strategic levelPerform Vendor Risk Assessments on behalf of client organizationsDevelop Governance frameworks and Strategies for managing information securityProvide General Advisement Services to help organizations adequately address information security risks upon changes to strategic initiatives, projects, and infrastructure architectureHealthcare (HLC)
Work with hospitals, clinics, insurance companies, medical device manufacturers, and many other technologies service organizations in the Healthcare industry to ensure the protection of Protected Healthcare Information (PHI)Perform organizational security posture and control assessments against Healthcare organizations to validate adequate protection of sensitive healthcare data and ensure compliance against HIPAA and HITRUST.Provide General Advisement Services to help organizations navigate and implement HIPAA and HITRUST compliance upon changes to strategic initiatives, projects, and infrastructure architecture.Incident Response (IR)
Participate in the incident response lifecycle and gain familiarity with relevant methodologies, including detection, analysis, remediation, and deployment of countermeasuresLearn how to use common enterprise security tools and techniques during a computer security investigationParticipate in SOC mentoring and skill-sharing programsParticipate in the analysis of and response to computer network intrusions, web application and server attacks, and insider threats, as appropriateParticipate in business process documentation, metric reporting, and process automationParticipate in threat intelligence research and process documentationComplete other tasks as assigned by your assigned Mentor or Team LeadThreat (TRT)
Participate in Internal and External network penetration testsParticipate in Web application penetration testsStudy penetration testing methodologies and spend time in training labsShadowing of penetration testers and learning in real-world scenariosRemediation validation and reporting supportWriting executive and technical summaries of test results and activitiesCommunication of test status and findings with clientsComplete other tasks as assigned by your assigned Mentor or Team LeadJunior Software Engineer
Be part of a product development team supporting two business owned servicesExposure to the complete software development lifecycleParticipate in the daily scrums reviewing current Tasks (tickets).Participate in Agile ceremonies, including sprint planning, daily stand-ups, ticket refinement and retrospectives.Collaborate with QA team members to troubleshoot and resolve software defects and issues.Support and maintain existing software applications by troubleshooting and resolving bugs, and implementing enhancements as needed.Develop software using Vue.js, Node.js, TypeScript, PostgresBuild unit tests using Cypress and JestComplete other tasks as assigned by your assigned Mentor or Team LeadNecessary skills and qualifications:
The Developing Consultant (DC) is an up-and-coming part of the client-facing consulting team. DCs are responsible for helping in conducting project delivery activities based on their selected Tevora Information Security practice areas including: Enterprise Risk, Compliance, Solutions Implementation, and Threat Research. Interns are expected to continually develop their skills through personal development and Information Security industry participation.
Key Responsibilities
Developing the technical and business skills required to perform billable work on projects as quickly as possibleLearning about industry-standard certifications and their benefitsLearning about National and International standards and frameworks like PCI-DSS, HIPAA, and ISO 27001Observing Implementations of enterprise security solutionsObserving and helping with internal and external penetration testing and social engineering projectsRequirements
Every DC at Tevora is a technologist at heart but understands the critical intersection between business and technology. Foundationally, the ideal candidate will have basic familiarity with:
Networking concepts like firewalls, routers, switches, and DNSComputer troubleshooting and server systems administrationBusiness planning and accountingAny knowledge of compliance frameworks is a plusAbilities
Multi-tasking and time management skillsDynamic, enthusiastic, and excellent interpersonal skillsExcellent writing both expository and technical documentationIntermediate working knowledge of Excel and WordSelf-starter who likes to tinker and learn on their ownEducation and Experience
Bachelor's Degree from an accredited 4-year university (or Military equivalent)Currently enrolled at an accredited 4-year university (or Military equivalent)IT, Cybersecurity, and Information Security certifications a plusWe've got you covered!
Sick Time OffVibrant work cultureCareer advancement opportunitiesAdditional requirements:
A valid driver's license is required.Eligibility to work in the United States.Required to work onsite at our Fairfax, VA or Irvine, CA location.
Thank you for your interest in our Consultant Development Program (CDP). If you are selected for this program, you will become a Developing Consultant with us. This opportunity will challenge and motivate both your aptitude and attitude in Cyber Security. Successful completion of our program as a Developing Consultant may lead to a full-time offer as an entry-level Information Security Associate.
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.
at Tevora
Irvine, CA and Fairfax, VA - DC Local
Oct 14th, 2024, to December 13th, 2024.
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?We are pleased to announce we are entering into our Fall Cohort for our Consultant Development Program. Our program is an immersive paid-training program designed to help you strengthen the technical and professional skills you'll need to enter the workforce as a full-time Information Security Associate. Our anticipated start date of this cohort will begin on Oct 14th, 2024, to Dec 13th, 2024.
Tevora University & Mentorship ProgramPractice Disciplines and Consultant 101 taught by Managing DirectorsTaught curriculum involves independent study and hands-on project work with mentoring from experienced Consultants and Practice LeadsA day in the life could include:
For the practice areas that you choose to explore, your expected activities and responsibilities include:
Research emerging information security risk, privacy, and compliance topics for white papers and knowledge sharingAnalysis of client organizations to investigate and identify information security risks and security control vulnerabilitiesAssist with researching risk treatment and vulnerability remediation for client reportsJoining interviews with various clients' subject matter experts to assist in data collectionAssist in template and procedure creation for Compliance and Risk solutionsAssist in report writing and delivery of client reportsLearning about National and International standards, frameworks, and legislations that govern the industry, such as ISO 27000, SOC, HIPAA, PCI DSS, GDPR, and NIST.Please review our different practice areas:
Federal (FED)
Work with organizations connected to the Federal Government, such as defense contractors, financial institutions, and telecommunication systems, to develop and maintain information security programs that adhere to the standards of the Federal Government.Conduct assessments, develop Governance programs, and provide General Advisory Services to help navigate Federal Government standards including:
Federal Information Security Management Act (FISMA)Federal Risk Authorization Management Program (FedRAMP)Defense Federal Acquisition Regulation Supplement (DFARS)North American Electric Reliability Corporation (NERC)New York State Department of Financial Services (NYDFS) Cybersecurity Maturity Model (CMMC)State Risk Authorization Management Program (StateRAMP)
Solutions (SOL)
Plan technical execution plans to meet business requirementsGather requirements to complete execution plansExecute on previously designed plansDocument execution procedures and provide professional insights into technologies involvedAssist Consultants with client engagementsEnterprise Risk Management (ERM)
Aid in the development and maintenance of Enterprise Risk Management programs for organizations across all industriesConduct Enterprise Risk Assessments and analyze potential exposure at a strategic levelPerform Vendor Risk Assessments on behalf of client organizationsDevelop Governance frameworks and Strategies for managing information securityProvide General Advisement Services to help organizations adequately address information security risks upon changes to strategic initiatives, projects, and infrastructure architectureHealthcare (HLC)
Work with hospitals, clinics, insurance companies, medical device manufacturers, and many other technologies service organizations in the Healthcare industry to ensure the protection of Protected Healthcare Information (PHI)Perform organizational security posture and control assessments against Healthcare organizations to validate adequate protection of sensitive healthcare data and ensure compliance against HIPAA and HITRUST.Provide General Advisement Services to help organizations navigate and implement HIPAA and HITRUST compliance upon changes to strategic initiatives, projects, and infrastructure architecture.Incident Response (IR)
Participate in the incident response lifecycle and gain familiarity with relevant methodologies, including detection, analysis, remediation, and deployment of countermeasuresLearn how to use common enterprise security tools and techniques during a computer security investigationParticipate in SOC mentoring and skill-sharing programsParticipate in the analysis of and response to computer network intrusions, web application and server attacks, and insider threats, as appropriateParticipate in business process documentation, metric reporting, and process automationParticipate in threat intelligence research and process documentationComplete other tasks as assigned by your assigned Mentor or Team LeadThreat (TRT)
Participate in Internal and External network penetration testsParticipate in Web application penetration testsStudy penetration testing methodologies and spend time in training labsShadowing of penetration testers and learning in real-world scenariosRemediation validation and reporting supportWriting executive and technical summaries of test results and activitiesCommunication of test status and findings with clientsComplete other tasks as assigned by your assigned Mentor or Team LeadJunior Software Engineer
Be part of a product development team supporting two business owned servicesExposure to the complete software development lifecycleParticipate in the daily scrums reviewing current Tasks (tickets).Participate in Agile ceremonies, including sprint planning, daily stand-ups, ticket refinement and retrospectives.Collaborate with QA team members to troubleshoot and resolve software defects and issues.Support and maintain existing software applications by troubleshooting and resolving bugs, and implementing enhancements as needed.Develop software using Vue.js, Node.js, TypeScript, PostgresBuild unit tests using Cypress and JestComplete other tasks as assigned by your assigned Mentor or Team LeadNecessary skills and qualifications:
The Developing Consultant (DC) is an up-and-coming part of the client-facing consulting team. DCs are responsible for helping in conducting project delivery activities based on their selected Tevora Information Security practice areas including: Enterprise Risk, Compliance, Solutions Implementation, and Threat Research. Interns are expected to continually develop their skills through personal development and Information Security industry participation.
Key Responsibilities
Developing the technical and business skills required to perform billable work on projects as quickly as possibleLearning about industry-standard certifications and their benefitsLearning about National and International standards and frameworks like PCI-DSS, HIPAA, and ISO 27001Observing Implementations of enterprise security solutionsObserving and helping with internal and external penetration testing and social engineering projectsRequirements
Every DC at Tevora is a technologist at heart but understands the critical intersection between business and technology. Foundationally, the ideal candidate will have basic familiarity with:
Networking concepts like firewalls, routers, switches, and DNSComputer troubleshooting and server systems administrationBusiness planning and accountingAny knowledge of compliance frameworks is a plusAbilities
Multi-tasking and time management skillsDynamic, enthusiastic, and excellent interpersonal skillsExcellent writing both expository and technical documentationIntermediate working knowledge of Excel and WordSelf-starter who likes to tinker and learn on their ownEducation and Experience
Bachelor's Degree from an accredited 4-year university (or Military equivalent)Currently enrolled at an accredited 4-year university (or Military equivalent)IT, Cybersecurity, and Information Security certifications a plusWe've got you covered!
Sick Time OffVibrant work cultureCareer advancement opportunitiesAdditional requirements:
A valid driver's license is required.Eligibility to work in the United States.Required to work onsite at our Fairfax, VA or Irvine, CA location.
Thank you for your interest in our Consultant Development Program (CDP). If you are selected for this program, you will become a Developing Consultant with us. This opportunity will challenge and motivate both your aptitude and attitude in Cyber Security. Successful completion of our program as a Developing Consultant may lead to a full-time offer as an entry-level Information Security Associate.
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.