CORA/CHAP Compliance Analyst

Responsibilities

We are seeking a highly skilled and innovative CORA/CHAP Compliance Analyst to join our team in the greater DMV area, supporting the Army National Guard.

 

Responsibilities

• Lead CORA and CHAP compliance assessments: evaluate security architectures, control implementations, and operational procedures against RMF, DoD, and Army requirements.
• Analyze technical artifacts, configuration baselines, risk documentation, and evidence to identify systemic compliance gaps and residual risk.
• Produce formal assessment reports, executive summaries, findings, and prioritized remediation guidance for system owners and leadership.
• Advise on corrective action prioritization, risk disposition strategies, audit readiness, and POA&M development/tracking.
• Support continuous monitoring through trend analysis, compliance metrics, and dashboard reporting to inform enterprise readiness.
• Coordinate with ISSOs/ISSMs, system owners, engineering, and program teams to validate remediation, close findings, and verify evidence.
• Maintain assessment artifacts, audit trails, and decision records to support inspections and accreditation activities.
• Mentor assessment staff and contribute to improvement of assessment methodologies, templates, and compliance workflows.

#ENOCS

Qualifications

Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
  • Relevant DoD/military training (examples: F07DZZ1; M03385G; M10395B; M223854; A-531-0021; W-250-0750; A-150-1980; A-102-8484; A-150-1250; A-150-1940A; A-150-1941; A-150-1903; A-102-3131; A-150-1855; A-150-1940; A-113-0205; A-113-0175; A-113-0018; A-113-0382; A-113-0027; A-113-0383; A-113-0175; A-113-0202; A-113-0233; DISA (451) Training (Linux/Windows); System Administrator (Intermediate) Playlist; OR
  • Relevant professional certification or equivalent experience (examples: Cloud+, GICSP, GSEC, Security+, SSCP).

• Required experience and skills:

  • Cybersecurity compliance, assessment, or audit experience with at least 3 years performing enterprise‑level assessments in DoD or large enterprise environments.
  • Deep familiarity with RMF, NIST SP 800‑53, DISA STIGs/SRGs, CORA/CHAP methodologies, and evidence validation practices.
  • Proven ability to produce decision‑grade assessment reports, scorecards, executive briefings, and remediation plans.
  • Strong analytical skills to correlate technical findings to operational risk and prioritize remediation.
  • Experience with vulnerability tools, configuration baselines, eMASS/RMF workflows, and POA&M management.
  • Excellent written and verbal communication for briefing senior leaders and coordinating cross‑functional remediation.

• Desired:

  • Prior ARNG/State/Territory assessment or CORA/CHAP experience.
  • Experience advising leadership on enterprise compliance programs, sustained remediation strategies, and metrics‑driven improvement.
  • Familiarity with automation for evidence collection, compliance dashboards, and assessment toolchains.

#ENOCS

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.