CMMC Certified Assessor (CCA)

About The Position

Requirements

• Must have an active T3 clearance.
• Active CMMC Certified Assessor (CCA) credential issued by The Cyber AB or ISACA.
• Exceptional CCP candidates with an active T3 clearance and a scheduled CCA examination within 60 days may be considered. Employment offers for CCP candidates will be contingent upon successful attainment of the CCA credential within the agreed time frame.
• U.S. Citizenship (Required for DOD-related engagements).
• 5+ years of professional experience in cybersecurity, compliance, or audit within regulated or defense-related environments.
• In-depth understanding of CMMC 2.0, NIST SP 800-171/172, and DFARS 252.204-7012/7019/7020 requirements.
• 2+ years Proven experience conducting technical security assessments, gap analyses, and compliance reviews.
• Demonstrated experience participating in security assessments, compliance audits, or formalized control validation activities within regulated environments.
• Strong analytical, organizational, and communication skills.
• Strong ability to communicate technical and compliance concepts clearly to executive, operational, and technical stakeholders.
• Ability to manage multiple concurrent assessments and client engagements independently.

Nice To Haves

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related discipline (or equivalent work experience).
• Additional certifications such as CISSP, CISM, CISA, CAP, or Security+.
• 2+ years' experience working in a client facing role.
• Experience working for or with a C3PAOs.
• Familiarity with government cloud environments (e.g., Microsoft GCC High, AWS GovCloud).

Responsibilities

• Participate as a CMMC Certified Assessor (CCA) in official CMMC assessments for Procellis, and Procellis C3PAO partners.
• Review, validate, and document compliance artifacts including SSPs, POA&Ms, security policies, and technical evidence.
• Conduct stakeholder interviews, review control implementations, and determine compliance status for required practices and processes.
• Communicate assessment results effectively to technical and executive audiences, including C-suite and compliance leadership.
• Submit accurate and complete assessment documentation.
• Participate in post-assessment analysis meetings as required.
• Perform CMMC consulting and preparation activities to support successful OSC certification.
• Provide clear, detailed assessment reports, identifying findings, risks, and actionable recommendations for remediation.
• Assist in scoping, developing and editing client documentation.
• Build and organize client SSPs and supporting artifacts in alignment with the CMMC Assessment Process (CAP) to support efficient assessments.
• Collaborate with client teams (Executive, IT, InfoSec, Risk, Audit) to build and execute remediation plans that support certification readiness aligned with client goals.
• Stay current with evolving DoD cybersecurity requirements, CMMC 2.0 program updates, and related standards.
• Maintain professional certifications and ongoing CCA eligibility.
• Contribute to continuous improvement of the company's CMMC client preparation and/or assessment methodology and templates.
• Ability to travel to OSC locations to verify physical controls as needed (1-2 days per month)
• Must maintain a valid driver's license and clean driving record.

Benefits

• benefits
• performance incentives
• ongoing professional development and advancement opportunities