Cyber Systems Operation Research Analyst (CORA) Reviewer

About the position

Peraton seeks a Cyber Operations Research Analyst (CORA) Reviewer to conduct DODIN cybersecurity reviews conducted on site at Continental United States (CONUS), Outside Continental United States (OCONUS), and DOD mission partner locations. Travel is expected. Location: Chambersburg, PA.

Responsibilities

• Support inspections, evaluations, audits, assessments, DCO-IDM missions, and/or self-assessments of the DODIN -- follow the DODIN Inspections and Assessments Schedule.
• Support on-the-job training and certify new Reviewers via the reviewer certification process.
• Perform assessments of systems and networks within a Network Environment (NE) / enclave and identify deviations from acceptable configurations, enclave policy, or local policy.
• Follow policies and procedures for specific review type, ensuring that technical expertise is properly represented.
• Conduct vulnerability reviews, review Security Requirements Guides (SRGs), STIGs, DOD Policy, Cyber Tasking Orders (CTO) and Operational Orders to determine the security posture and compliance of the site/NE/enclave.
• Assist in developing the Executive Summary/Briefings/Reports for each trip/assessment.
• Conduct internal and/or external vulnerability scans.
• Assemble scanning 'packages' prior to conducting scans.
• Perform technical Security Readiness Reviews (SRRs).
• Use the appropriate technology STIG/SRG and, where applicable, the appropriate automated script or tool for that technology.
• Provide assessments of the security posture of the organization (traditional): Personnel security, INFOSEC, Physical security, Industrial security, Counterintelligence, and overall security management.
• Develop and maintain cybersecurity vulnerability review, inspection, and audit Standard Operation Procedures (SOPs), Tactics, Techniques and Procedures (TTPs), checklists, and guides.
• Identify the root cause and gap analysis.
• Provide resolution support during the Cybersecurity review.
• Provide recommendations for fixes and mitigation strategies and validate post inspection vulnerability mitigation actions as requested.
• Identify where systems/networks deviate from acceptable configurations, enclave policy, or local policy.

Requirements

• Minimum of 12 years experience with BS/BA, 10 years with MS/MA, 7 years with Ph.D. Will consider HS with 16 years of experience.
• Senior Reviewers must have at least 2 years of direct experience.
• Must have experience in collecting, analyzing, and assessing data in order to provide formal feedback.
• Able to analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
• Should have experience with maintaining a deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
• Skilled in reviewing logs to identify evidence of past intrusions.
• Able to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Able to identify/assess proper architecture for different operating environments.
• Understanding of cybersecurity strategy in cloud computing service and deployment models.
• Must have knowledge of applicable DOD cyber defense policies, regulations, and compliance documents.
• Needs to have an understanding of different types of reviews/assessments.
• As a CORA Reviewer, must cross-certify in multiple related technology areas to allow flexibility for assessment needs from various organizations.
• Current IAT Level II certification or the ability to obtain within 60 days of hire.
• Current IAM Level II certification or the ability to obtain within 60 days of hire.
• TS/SCI security clearance or the ability to obtain SCI.
• U.S Citizenship required.

Nice-to-haves

• Active TS/SCI clearance.
• Current IAT Level III CSSP-Auditor certification.
• Current IAM Level III certification.

Benefits

• Heavily subsidized employee benefits coverage for you and your dependents.
• 25 days of PTO accrued annually up to a generous PTO cap.
• Participation in an attractive bonus plan.