Consultant Development Program (Summer and Fall) 2025- Enterprise Risk Management

Your expected activities and responsibilities include:

• Research emerging information security risk, privacy, and compliance topics for white papers and knowledge sharing
• Analysis of client organizations to investigate and identify information security risks and security control vulnerabilities
• Assist with researching risk treatment and vulnerability remediation for client reports
• Joining interviews with various clients' subject matter experts to assist in data collection
• Assist in template and procedure creation for Compliance and Risk solutions
• Assist in report writing and delivery of client reports
• Learning about National and International standards, frameworks, and legislations that govern the industry, such as ISO 27000, SOC, HIPAA, PCI DSS, GDPR, and NIST.

Enterprise Risk Management (ERM)

• Aid in the development and maintenance of Enterprise Risk Management programs for organizations across all industries
• Conduct Enterprise Risk Assessments and analyze potential exposure at a strategic level
• Perform Vendor Risk Assessments on behalf of client organizations
• Develop Governance frameworks and Strategies for managing information security
• Provide General Advisement Services to help organizations adequately address information security risks upon changes to strategic initiatives, projects, and infrastructure architecture

Necessary skills and qualifications:

• The Developing Consultant (DC) is an up-and-coming part of the client-facing consulting team. DCs are responsible for helping in conducting project delivery activities based on their selected Tevora Information Security practice areas including Enterprise Risk, Compliance, Solutions Implementation, and Threat Research. Interns are expected to continually develop their skills through personal development and Information Security industry participation.

Key Responsibilities:

• Developing technical and business skills required to perform billable work on projects as quickly as possible
• Learning about industry-standard certifications and their benefits
• Learning about National and International standards and frameworks like PCI-DSS, HIPAA, and ISO 27001
• Observing Implementations of enterprise security solutions
• Observing and helping with internal and external penetration testing and social engineering projects

Every DC at Tevora is a technologist at heart but understands the critical intersection between business and technology. Foundationally, the ideal candidate will have basic familiarity with:

• Networking concepts like firewalls, routers, switches, and DNS
• Computer troubleshooting and server systems administration
• Business planning and accounting
• Any knowledge of compliance frameworks is a plus

Abilities:

• Multi-tasking and time management skills
• Dynamic, enthusiastic, and excellent interpersonal skills
• Excellent writing both expository and technical documentation
• Intermediate working knowledge of Excel and Word
• Self-starter who likes to tinker and learn on their own

Education and Experience:

• Bachelor's Degree from an accredited 4-year university (or Military equivalent) or Currently enrolled at an accredited 4-year university (or Military equivalent)
• IT, Cybersecurity, and Information Security certifications a plus

We've got you covered!

• Sick Time Off
• Vibrant work culture
• Career advancement opportunities

Additional requirements:

• Eligibility to work in the United States.
• Required to work onsite at our Fairfax, VA, Irvine, CA, and DC location.