Certified CMMC Assessor (CCA) (0001)

About The Position

Requirements

• Must be a U.S. Citizen.
• Active Certified CMMC Assessor (CCA) certification in good standing.
• Must be able to obtain and maintain a favorable Tier 3 background investigation resulting in a national security eligibility determination (this is not a security clearance and is not for the purpose of government employment).
• Bachelor’s degree in cybersecurity, information technology, information systems, or a related field, or equivalent professional experience.
• Typically 4+ years of cybersecurity or information assurance experience, including exposure to NIST SP 800-171 / CMMC.
• Working knowledge of NIST SP 800-171 Rev 2, NIST SP 800-171A, 32 CFR Part 170, and DFARS 252.204-7012.
• Strong documentation, analytical, and communication skills.

Nice To Haves

• Additional certifications such as CompTIA Security+, CISSP, CISA, or CCP preferred.

Responsibilities

• Conduct CMMC Level 2 certification assessment activities as a member of the assessment team under the direction of the Lead Assessor (LCCA).
• Examine documentation and artifacts, interview personnel, and test security controls across the 110 NIST SP 800-171 Rev 2 requirements using NIST SP 800-171A methods.
• Document findings and recommend MET / NOT MET / NOT APPLICABLE determinations for assigned requirements, with supporting evidence.
• Support development of the assessment plan, scope validation, and pre-assessment readiness reviews.
• Contribute to the assessment report and support POA&M closeout activities within the required timeframe.
• Maintain assessment evidence and working papers in accordance with C3PAO procedures and ISO/IEC 17020:2012.
• Adhere to the Cyber AB Code of Professional Conduct, conflict-of-interest, ethics, and impartiality requirements at all times.

Benefits

• career growth
• professional development