TekSynap
Cyber Operations Readiness Assessment Reviewer
TekSynap, Fort Belvoir, Virginia, United States, 22060
Overview
We are seeking a Cyber Operations Readiness Assessment (CORA) Senior Reviewer to join our team supporting the Defense Threat Reduction Agency (DTRA) in Fort Belvoir, VA. This high‑impact mission involves conducting advanced cybersecurity inspections, uncovering vulnerabilities across cutting‑edge networks, and supporting real‑time decision‑making that directly shapes DTRA’s global operations. As part of this dynamic team, you’ll protect national security by ensuring DTRA’s systems remain resilient, compliant, and ready against evolving threats. The successful CORA Lead Team Reviewer will support mission needs and multi‑domain assessment coverage, and is expected to cross‑train into multiple functional disciplines and support operational needs.
Responsibilities
Serve as a senior technical reviewer across one or more assessment domains including Boundary Security, Network Infrastructure, DNS, Virtualization, Vulnerability Scanning, Cross‑Domain Solutions (CDS), Endpoint Security, Mobility, VoIP, Databases, Windows/UNIX, Web Services, Traditional Security, or Releasable Reviews.
Perform in‑depth technical assessments in accordance with SRGs/STIGs, DODIN Inspection guidance, DoDI 8530.01, DoDI 8510.01, and all governing publications.
Participate in on‑site and virtual cybersecurity reviews, and conduct technical interviews, log analysis, configuration inspections, and system evaluations.
Identify, analyze, and document vulnerabilities and configuration deviations, providing prioritized recommendations and mitigation strategies.
Maintain expertise in primary assessment areas while actively cross‑training into adjacent domains to support flexible, multi‑skill review teams.
Mentor junior reviewers and provide technical coaching during inspections and internal training cycles.
Prepare, assemble, and execute vulnerability scanning packages using ACAS and DoD‑mandated tools.
Validate scan results, correlate findings with applicable STIGs, IAVMs, Cyber Tasking Orders, and mission risk, and assist in POA&M generation and remediation tracking.
Conduct post‑scan validation to verify vulnerability mitigation and ensure accuracy of lifecycle data.
Support Traditional Security Reviews by applying SPED‑aligned security fundamentals, assessing personnel, physical, information, industrial, and overall security management practices.
Conduct Releasable Reviews ensuring proper classification markings, content sanitization, foreign disclosure handling, and compliance with DoD information protection policies.
Contribute to executive summaries, in‑/out‑briefs, and detailed inspection reports, ensuring technical accuracy and alignment with classification requirements.
Maintain accurate and complete data in DODIN Inspection systems, ensuring traceability, lifecycle accuracy, and audit readiness.
Support development, review, and updates of SOPs, TTPs, checklists, and guides that enhance standardization and repeatability across the CORA mission.
Support scheduling coordination, lifecycle data management, portal content maintenance, and end‑user assistance across NIPR, SIPR, and JWICS.
Assist in verification of POA&M actions, ensuring findings are tracked and properly documented through closure in accordance with DoD 30/60/90‑day standards.
Coordinate with portfolio managers, tool developers, and inspection teams to resolve data discrepancies, improve workflow efficiencies, and support continuous process improvement.
Ensure all activities comply with DoD, DISA, and DTRA directives, particularly STIG/SRG requirements, DODIN Governance, IAVM processes, and RMF‑aligned security controls.
Maintain required IA certifications (IAT/IAM/CSSP/IASAE) per DoD 8140/8570 and obtain Reviewer Certification Program (RCP) credentials within required timelines.
Adhere to all TS/SCI security requirements, classification handling procedures, and facility/operational security standards.
Qualifications
Top Secret clearance with SCI eligibility.
DoD 8140/8570 requirements for IAM Level II or III (e.g., CISSP, CISM, GSLC, CAP, CASP+). Security Fundamentals Professional Certification (SFPC) within 90 days.
8–10 years of experience in cybersecurity assessment, technical review, or related field.
BS degree or four additional years of experience.
Strong knowledge of SRG/STIG, DODIN Inspection guidance, DoDI 8530.01, DoDI 8510.01, and related security frameworks.
Experience with ACAS and DoD‑mandated vulnerability scanning tools.
Demonstrated ability to lead technical reviews across multiple domains and to mentor junior staff.
Excellent communication skills and proficiency in preparing executive reports and detailed inspection documentation.
Benefits
We offer a competitive benefits package that includes health, dental, vision, 401(k), life insurance, short‑term and long‑term disability, vacation time and holidays.
Legal Notice
TekSynap is an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, national origin, disability, age, genetic information, or any other characteristic protected by law. TekSynap prohibits discrimination and political hiring bias. Compliance with applicable law and federal, state, and local regulations is mandatory.