CORA Reviewer

Peraton•Fort Meade, MD

2d•Onsite

About The Position

Peraton seeks a Cyber Operational Readiness Assessment (CORA) Reviewer to support Department of Defense Cyber Defense Command (DCDC) Readiness and Security Inspection (DRSI). This role involves performing assessments of systems and networks to identify deviations from acceptable configurations and policies, measuring defense-in-depth effectiveness, and analyzing cyber defense compliance with regulations. The CORA Reviewer will conduct on-site reviews at CONUS/OCONUS locations, reviewing various inspection certifications, security test and evaluations, and compliance validations for DCDC-DODIN, DOD, and other mission partner enclaves, systems, applications, and programs. This includes reviewing vulnerability assessments, Security Requirements Guides (SRGs), STIGS, DOD Policy, Cyber Tasking Orders, and Operational Orders, and inspecting a wide range of security aspects including boundary security, network infrastructure, DNS, Exchange Server, vulnerability scans, traditional security, virtual infrastructure, cross-domain solutions, endpoint security, wireless, databases, and Windows/UNIX infrastructures.

Requirements

Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD. Will consider HS+12.
Must have an IAT Level II Certification or higher, such as CCNA, CySA+ (SecurityX), GICSP, GSEC, Security+, CND, or SSCP within 60 days of start.
Knowledgeable of cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
Experience preparing audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
Active TS with ability to obtain SCI clearance.
Able to support frequent travel and operate as a team.
U.S Citizenship required.

Nice To Haves

KSAs aligned to Vulnerability Assessment Analyst under the DOD Cyber Workforce Framework (DCWF).
Active TS SCI clearance.

Responsibilities

Perform assessments of systems and networks within the network environment or enclave and identify deviations from acceptable configurations, enclave policy, or local policy.
Measure effectiveness of defense-in-depth architecture against known vulnerabilities and risk indicators.
Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives (i.e., analysis of mitigations).
Conduct numerous on-site reviews at CONUS/OCONUS locations.
Review DODIN Inspections certification assessments, security test and evaluations, and compliance validations of DCDC-DODIN, DOD, and other mission partner enclaves, systems, applications, and programs.
Conduct reviews of vulnerability assessments, Security Requirements Guides (SRGs), STIGS, DOD Policy, Cyber Tasking Orders and Operational Orders.
Inspect: Boundary Security, Network Infrastructure, Domain Name System (DNS), Exchange Server, Network Vulnerability Scans, Traditional Security, Releasable Review, Virtual Infrastructure and Environments, Cross Domain Solution (CDS), Endpoint Security Solutions, Wireless, Database, and Windows/UNIX Infrastructures.
During unit reviews, assist with cybersecurity directives, orders, DOD Security Technical Implementation Guides (STIGS), cybersecurity activities, and other requirements or best practices.