CORA Assessor

We are seeking a highly skilled and innovative CORA Assessor to join our team in the greater DMV area, supporting the Army National Guard.

Responsibilities

Plan and lead Cyber Operational Readiness Assessments (CORA), Sight Assistance Visits, and Cyber Hygiene Assessment Team activities across state and enterprise environments.
• Conduct preinspection planning, technical deep dives, evidence collection, vulnerability validation, and operational control effectiveness testing.
• Produce assessment artifacts: scorecards, findings, risk analyses, and actionable remediation recommendations.
• Develop, validate, and track Plans of Action and Milestones (POA&Ms) to closure; coordinate remediation with state stakeholders and program teams.
• Deliver authoritative briefings and decisiongrade reports to commanders, senior leaders, and state leadership on assessment results and risk posture.
• Identify trends, recurring deficiencies, and best practices to inform enterprise cyber hygiene improvements and readiness initiatives.
• Coordinate assessment logistics, data handling, and evidence retention to support auditability and compliance with Army/DoD requirements.
• Mentor assessment teams, enforce assessment methodology consistency, and ensure quality assurance of CORA products.

#ENOCS

Qualifications

• 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Master's degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
  • Relevant DoD/military training (examples: Security Control Assessor (Advanced) Playlist; DCMA DIBCAC Cybersecurity Assessor Advanced); OR
  • Relevant professional certification or equivalent experience (examples: CCISO, CISA, CISM, CISSP, CISSPISSEP, CySA+, GSLC, GSNA).

• Required experience and skills:

  • Cybersecurity assessment, audit, or assurance experience and experience leading technical assessments in DoD or large enterprise environments.
  • Demonstrated expertise with CORA/Cyber Hygiene methodologies, NIST SP 80053, RMF, DISA STIGs/SRGs, and DoD/Army assessment criteria.
  • Proven ability to conduct technical validation, produce scorecards/findings, develop POA&Ms, and brief senior leaders.
  • Experience with vulnerability tools and evidence workflows, and ability to correlate findings to operational risk and remediation priorities.
  • Must attain and maintain CORA Assessor certification through the DCDC Reviewer Certification Program and have completed the DISA Security Readiness Reviewer (SRR) course (or equivalent documented completion).

• Desired:

  • Prior experience performing CORA or DISA/CCRIlike assessments for ARNG, state/Territory, or DoD organizations.
  • Experience advising state leadership on remediation prioritization, cyber hygiene programs, and sustained compliance initiatives.
  • Strong report writing, stakeholder facilitation, and mentorship experience for assessment teams.

#ENOCS

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.