Job details

Cyber Systems Operation Research Analyst (CORA) Reviewer

Get a free resume review

Responsibilities

Peraton seeks a Cyber Operations Research Analyst (CORA) Reviewer to conduct DODIN cybersecurity reviews conducted on site at Continental United States (CONUS), Outside Continental United States (OCONUS), and DOD mission partner locations. Travel is expected.

Location: Chambersburg, PA.

Tasks include:

Support inspections,evaluations, audits, assessments, DCO-IDM missions, and/or self-assessments of the DODIN -- follow the DODIN Inspections and Assessments Schedule.
Support on-the-job training and certify new Reviewers via the reviewer certification process.
Perform assessments of systems and networks within a Network Environment (NE) / enclave and identifiy deviations from acceptable configurations, enclave policy, or local policy.
Follow policies and procedures for specific review type, ensuring thattechnical expertise is properly represented.
Conduct vulnerability reviews, review Security Requirements Guides (SRGs), STIGs, DOD Policy, Cyber Tasking Orders (CTO) and Operational Orders to determine the security posture and compliance of the site/NE/enclave
Assist in developing the Executive Summary/Briefings/Reports foreach trip/assessmet.
Conduct internal and/or external vulnerability scans
Assemble scanning “packages” prior to conducting scans
Perform technical Security Readiness Reviews (SRRs)
Use the appropriate technology STIG/SRG and, where applicable, the appropriate automated script or tool for that technology.
Provide assessments of the security posture of the organization (traditional): Personnel security, INFOSEC, Physical security, Industrial security, Counterintelligence, and overall security management.
Develop and maintain cybersecurity vulnerability review, inspection, and audit Standard Operation Procedures (SOPs), Tactics, Techniques and Procedures (TTPs), checklists, and guides
Identify the root cause and gap analysis
Provide resolution support during the Cybersecurity review
Provide recommendations for fixes and mitigation strategies and validate post inspection vulnerability mitigation actions as requested.
Identify where systems/networks deviate from acceptable configurations, enclave policy, or local policy.

Qualifications

Required:

Minimum of 12 years experience with BS/BA, 10 years with MS/MA, 7 years with Ph.D. Will consider HS with 16 years of experience.
Senior Reviewers must have at least 2 years of direct experience
This position aligns to the KSA's idenified to the Vulnerability Assessment Analyst under the DOD Cyber Workforce Framework (DCWF):
- Must have experience in collecting, analyzing, and assessing data in order to provide formal feedback. Specifically, able to analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives (i.e., analysis of mitigations).
- Should have experience with maintaining a deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
- Skilled in reviewing logs to identify evidence of past intrusions.
- Able to identify systemic security issues based on the analysis of vulnerability and configuration data
- Able to identify/assess proper acrchitecture for different operating environments
- Understanding of cybersecurity strategy in cloud computing service and deployment models
Must have knowledge of applicable DOD cyber defense policies, regulations, and compliance documents
Needs to have an understanding of different types of reviews/assessments
As a CORA Reviewer, must cross-certify in multiple related technology areas to allow flexibility for assessment needs from various organizations (e.g., network reviewer may also support network vulnerability scan, virtual infrastructure, cloud, and other related areas)
Travel is expected to worldwide locations. Travel will be conducted in accordance with the Task Order guidelines.
Current IAT Level II certification or the ability to obtain within 60 days of hire
Current IAM Level II certification or the ability to obtain within 60 days of hire
TS/SCI security clearance or the abllity to obtain SCI
U.S Citizenship required

Preferred:

Active TS/SCI clearance
Current IAT Level III CSSP-Auditor certification
Current IAM Level III certification

Benefits:

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$146,000 - $234,000. This represents the typical salary range for this position based on experience and other factors.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Average salary estimate

$190000 / YEARLY (est.)

min

max

$146000K

$234000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Cyber Systems Operation Research Analyst (CORA) Reviewer, Peraton

Peraton is on the lookout for a passionate Cyber Systems Operation Research Analyst (CORA) Reviewer to join our dynamic team in Chambersburg, PA. If you thrive in cybersecurity and possess a keen eye for detail, then this might be the perfect role for you! As a CORA Reviewer, your responsibilities will include conducting crucial DODIN cybersecurity reviews not just within the continental U.S. but also at overseas locations. You'll have the exciting opportunity to support inspections, audits, and assessments, ensuring our network environments are secure. You'll be a pivotal part of on-the-job training, certifying new reviewers through our certification process. If you have experience evaluating systems and networks and can spot deviations from acceptable configurations, you'll fit right in. Not only will you be conducting vulnerability reviews and scanning, but you'll also be providing insightful feedback and crafting executive summaries for each mission. With no two days being the same, expect to collaborate on developing SOPs and TTPs while conducting thorough assessments. Travel is part of the job, taking you to various sites, and you’ll have the ability to make a significant impact on the cybersecurity posture of the organization. If you're ready to take on challenges, share your expertise, and grow with an innovative company like Peraton, we’d love to hear from you!

Frequently Asked Questions (FAQs) for Cyber Systems Operation Research Analyst (CORA) Reviewer Role at Peraton

What are the main responsibilities of a Cyber Systems Operation Research Analyst (CORA) Reviewer at Peraton?

As a Cyber Systems Operation Research Analyst (CORA) Reviewer at Peraton, your primary responsibilities include conducting comprehensive cybersecurity reviews on the DODIN, engaging in inspections, evaluations, and audits, as well as supporting robust assessments of network environments. Additionally, you will be actively involved in training and certifying new reviewers, performing vulnerability assessments, and ensuring compliance with security guidelines. Your role is critical in maintaining the integrity and security of our systems, ensuring that all practices align with applicable cybersecurity policies and protocols.