The Company

Technical Consulting & Research, Inc. (TCR) is a consulting and research firm and award-winning company at the forefront of advanced information technologies, cyber security, risk assessment, data mining, operation research, industrial engineering, online learning, and educational development. TCR’s mission is to help organizations successfully adopt emerging technologies and to optimize their workflow and operations. More information can be found on TCR’s website: https://tcrinc.com/

TCR offers unpaid internships in various industry and functional areas that are designed to help students build critical, in-demand skills needed to succeed in the real world. The internship is virtual so you can work from home. The hours are flexible. There is a weekly online team meeting with your supervisor, the CEO. The internship provides hands-on coaching, mentoring, and training experiences that will help get you noticed by prospective employers. TCR tries to align the specific internship activities/projects with the needs and interest of each intern. Internship can be taken for course credit, CPTs, and OPTs, with permission from your school or university.

Technical Consulting & Research, Inc. (TCR) is an affirmative action-equal opportunity employer.

Position and Candidate Overview

Skills

· Creativity and problem solving

· Communication skills

· Ability to work independently and collaboratively

· Technical presentation skills

· Analytical and detail-oriented

The intern will learn and apply cybersecurity, technology, regulatory compliance and security measures to information technology systems, infrastructures, processes and procedures.

The Cybersecurity Volunteer internship has flexible work hours, with negotiable start and end dates, as needed to fit your schedule. The intern is required to participate in weekly team meetings up to hours per week.

The intern will work remotely at home via an Internet connection using TCR hosted servers and software. The intern will communicate with other TCR staff via email, phone, Webinars, and other online communication vehicles.

Required Equipment

The intern will need a telephone and computer (preferably Windows, or Mac) with high-speed broadband or DSL Internet connectivity. Approved anti-virus software must be installed on computer.

Project Activities

Learn about technologies relating to one or more of the following and how they are used to mitigate real-world cybersecurity vulnerabilities:

· Network Configuration

· Malware and Hacking

· Computer Forensics

· HIPPA Technical System Safeguards

· NIST/Cybersecurity Framework Standards

· Systems Security

Qualifications

· Current students or recent alumni from undergraduate or graduate degree programs in one or more of these fields: Cyber Security, Computer Science, Computer Engineering, Telecommunications and Networking, Software Engineering or Information Systems.

· Experience with Linux/Ubuntu/Apache/MYSQL/PHP is highly desirable. Familiarity with the following is highly desirable: Content Management Systems (especially WordPress), HTML, PHP, JavaScript.

· Familiarity with operating system administration; for example, configuration of mail systems, system installation and configuration, fundamentals of security, installing third-party software, is highly recommended.

· Experience with host security (e.g., passwords, uids/gids, SIDs, file permissions, ACLs, file system integrity, use of security packages) is desirable.

· Knowledge of fundamental networking/distributed computing environment concepts and basic troubleshooting is needed.

· Experience with network security (e.g., configuring firewalls, deploying authentication systems- Kerberos, SecurID, RADIUS, or applying cryptography to network applications) is highly desirable.

· Ability to write/debug administrative and reporting tools in some programming language (Perl/Shell or Python desired; Java, C, C++, or other experience acceptable) is required.

Knowledge and experience in one or more of the following areas is desirable:

· Access Control – knowledge of security architectures to protect the assets of information system and protect against attacks.

· Telecommunications and Network Security – knowledge of network structures, transmission methods, transport formats and security measures used to provide availability, integrity and confidentiality.

· Information Security Governance and Risk Management –knowledge of the identification of an organization’s information assets and the development, documentation and implementation of policies, standards, procedures and guidelines.

· Software Development Security – knowledge of controls that are included within systems and applications software and the steps used in their development. This including Systems development life cycle (SDLC), application environment and security controls, and application security.

· Cryptography – knowledge of the principles, means and methods of disguising information to ensure its integrity, confidentiality and authenticity, including Encryption concepts, Digital signatures, Cryptanalytic attacks, and Public Key Infrastructure (PKI).

· Security Architecture and Design – knowledge of concepts, principles, structures and standards used to design, implement, monitor, and secure, operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity and availability, including security models, memory protection, virtualization, vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)

· Operations Security – knowledge of resource protection, incident response, attack prevention and response, and patch and vulnerability management.