Description: The Senior Cyber Architect will support TRC’s Advanced Energy practice and its customers by providing consulting solutions across multiple programs. This position will be in Fredericksburg, Virginia. The successful Cyber Architect will assist programs with secure architecture design and resiliency and will participate in the development of proposals to build resiliency into solutions. The candidate may also perform Cybersecurity Impact Evaluations (CIE). This can include tabletop exercises and penetration testing. The Cyber Architect will review all current and proposed system architectures to ensure that cybersecurity is maintained and any risk is minimized. The Cyber Architect will be expected to lead personnel and be an authoritative resource in all cybersecurity-related matters. The Cyber Architect will be expected to develop thorough reports on findings with mitigation steps to fix difficult problems. Reporting will be provided in person to the customer on at least a monthly basis.
– Demonstrated tactical and strategic cybersecurity leadership
– SME in Cyber Incident Handling and Response
– SME in Network Penetration Testing and Ethical Hacking
– SME in Threat Analytics
– Significant experience performing incident response and attack reconstruction
– Network, Memory and Disk Forensics
– Malware Analysis
– Vulnerability Assessments
– SIEM and log aggregation implementations using technologies such as Splunk
– Intrusion Detection with Snort, Yara or similar technologies
– SME in Microsoft Operating Systems
– Demonstrated Advanced Proficiency in Linux/Unix
– Demonstrated success as public speaker and public instruction
– Conduct a wide variety of customer engagement activities, including public speaking, training, live hacking demonstrations and training workshops. Audiences will range from entry-level to executive and board-level employees.
– Provide liaison function for DHS and FBI for large critical asset owner. Develop and maintain existing relationships with federal, state and local law enforcement agencies.
– Ability to translate cyber intelligence into actionable business intelligence and recommendations.
– Conduct a wide variety of penetration testing activities including network penetration testing, web application penetration testing, wireless penetration testing and some user awareness (social engineering) testing.
– Proven success in procuring, configuring, deploying and maintaining advanced cyber-specific technologies including endpoint detection & response, digital forensics, intrusion detection systems and incident handling toolsets.
– Procure, configure, install and maintain Intrusion Prevention System (IPS).
– Procure, configure, install and maintain Endpoint Detection & Response solutions (EDR).
– Demonstrated ability to manage multiple third-party contracts and services.
– Detect and respond to criminal and nation state threat actor activity.
– Hardware and software reverse engineering and testing.
– Electric utility background is a plus.
– Broad background in information tools, concepts and issues across a broad range of technologies including Network and Software, Network Penetration Testing and Web Application Penetration Testing, gained through related work experience
– Proficient with a variety of penetration testing tools and methodologies
– Reverse Engineering Malware
– Secure Software Design and Architecture
– Expertise in Software and Application Concepts with the ability to conduct code reviews is a plus.
– Proficient in Reverse Engineering and Malware Analysis