CORA Reviewer

Peraton•Fort Meade, MD

1d•$135,000 - $216,000•Onsite

About The Position

Peraton seeks a Cyber Operational Readiness Assessment (CORA) Reviewer to support Department of Defense Cyber Defense Command (DCDC) Readiness and Security Inspection (DRSI). This role involves performing assessments of systems and networks, measuring defense-in-depth effectiveness, and analyzing cyber defense policies for compliance. The reviewer will conduct on-site reviews at various locations, examine inspection certifications, and review vulnerability assessments and security guidelines. The position is located at Fort Meade, MD.

Requirements

Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD. Will consider HS+12.
Must have an IAT Level II Certification or higher, such as CCNA, CySA+ (SecurityX), GICSP, GSEC, Security+, CND, or SSCP within 60 days of start.
Knowledgeable of cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
Experience preparing audit reports that identify technical and procedural.findings and provide recommended remediation strategies/solutions
During unit reviews, assist with cybersecurity directives, orders, DOD Security Technical Implementation Guides (STIGS), cybersecurity activities, and other requirements or best practices.
Active TS with ability to obtain SCI clearance.
Able to support frequent travel and operate as a team.
U.S Citizenship required.

Nice To Haves

KSAs aligned to Vulnerability Assessment Analyst under the DOD Cyber Workforce Framework (DCWF).
Active TS SCI clearance.

Responsibilities

Perform assessments of systems and networks within the network environment or enclave and identify deviations from acceptable configurations, enclave policy, or local policy.
Measure effectiveness of defense-in-depth architecture against known vulnerabilities and risk indicators.
Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives (i.e., analysis of mitigations).
Conduct numerous on-site reviews at CONUS/OCONUS locations.
Review DODIN Inspections certification assessments, security test and evaluations, and compliance validations of DCDC-DODIN, DOD, and other mission partner enclaves, systems, applications, and programs.
Conduct reviews of vulnerability assessments, Security Requirements Guides (SRGs), STIGS, DOD Policy, Cyber Tasking Orders and Operational Orders.
Inspect: Boundary Security, Network Infrastructure, Domain Name System (DNS), Exchange Server, Network Vulnerability Scans, Traditional Security, Releasable Review, Virtual Infrastructure and Environments, Cross Domain Solution (CDS), Endpoint Security Solutions, Wireless, Database, and Windows/UNIX Infrastructures.