ResponsibilitiesWe are seeking a highly skilled and innovative CORA Assessor to join our team in the greater DMV area, supporting the Army National Guard.
Responsibilities
- Plan and lead Cyber Operational Readiness Assessments (CORA), Sight Assistance Visits, and Cyber Hygiene Assessment Team activities across state and enterprise environments.
- Conduct pre-inspection planning, technical deep dives, evidence collection, vulnerability validation, and operational control effectiveness testing.
- Produce assessment artifacts: scorecards, findings, risk analyses, and actionable remediation recommendations.
- Develop, validate, and track Plans of Action and Milestones (POA&Ms) to closure; coordinate remediation with state stakeholders and program teams.
- Deliver authoritative briefings and decision-grade reports to commanders, senior leaders, and state leadership on assessment results and risk posture.
- Identify trends, recurring deficiencies, and best practices to inform enterprise cyber hygiene improvements and readiness initiatives.
- Coordinate assessment logistics, data handling, and evidence retention to support auditability and compliance with Army/DoD requirements.
- Mentor assessment teams, enforce assessment methodology consistency, and ensure quality assurance of CORA products.
#ENOCS
QualificationsQualifications
- 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD
- Clearance: Active TS/SCI clearance.
- Candidate must meet ONE of the following:
- Master's degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
- Relevant DoD/military training (examples: Security Control Assessor (Advanced) Playlist; DCMA DIBCAC Cybersecurity Assessor Advanced); OR
- Relevant professional certification or equivalent experience (examples: CCISO, CISA, CISM, CISSP, CISSP-ISSEP, CySA+, GSLC, GSNA).
- Required experience and skills:
- Cybersecurity assessment, audit, or assurance experience and experience leading technical assessments in DoD or large enterprise environments.
- Demonstrated expertise with CORA/Cyber Hygiene methodologies, NIST SP 800-53, RMF, DISA STIGs/SRGs, and DoD/Army assessment criteria.
- Proven ability to conduct technical validation, produce scorecards/findings, develop POA&Ms, and brief senior leaders.
- Experience with vulnerability tools and evidence workflows, and ability to correlate findings to operational risk and remediation priorities.
- Must attain and maintain CORA Assessor certification through the DCDC Reviewer Certification Program and have completed the DISA Security Readiness Reviewer (SRR) course (or equivalent documented completion).
- Desired:
- Prior experience performing CORA or DISA/CCRI-like assessments for ARNG, state/Territory, or DoD organizations.
- Experience advising state leadership on remediation prioritization, cyber hygiene programs, and sustained compliance initiatives.
- Strong report writing, stakeholder facilitation, and mentorship experience for assessment teams.
#ENOCS
Target Salary Range$86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
