Lead Certified CMMC Assessor (LCCA) (0001)

About The Position

Requirements

• Must be a U.S. Citizen. U.S. citizenship is mandatory for this role because all personnel participating in the CMMC Level 2 certification assessment process must complete a Tier 3 background investigation resulting in a determination of national security eligibility.
• Active Certified CMMC Assessor (CCA) certification in good standing, with Lead Assessor designation or the demonstrated experience required to be authorized as a Lead Assessor.
• Must be able to obtain and maintain a favorable Tier 3 background investigation resulting in a national security eligibility determination (this is not a security clearance and is not for the purpose of government employment). The investigation will involve a credit, fingerprint, and law enforcement agency check.
• Bachelor’s degree in cybersecurity, information technology, information systems, or a related field, or equivalent professional experience.
• Typically 7+ years of cybersecurity or information assurance experience, including hands-on NIST SP 800-171 / CMMC work, with at least 3 years leading assessments or audits.
• In-depth knowledge of NIST SP 800-171 Rev 2, NIST SP 800-171A, 32 CFR Part 170, and DFARS 252.204-7012.

Nice To Haves

• Professional certifications such as CISSP, CISA, CCP, or equivalent strongly preferred.
• Strong leadership, assessment report writing, and client-facing communication skills.

Responsibilities

• Serve as the Lead Assessor on CMMC Level 2 certification assessments, directing the assessment team and owning the overall assessment plan, schedule, and execution.
• Lead scoping, pre-assessment readiness reviews, and finalization of the assessment plan with the Organization Seeking Certification (OSC).
• Direct evidence collection and validation across all 110 NIST SP 800-171 Rev 2 security requirements using the examine, interview, and test methods defined in NIST SP 800-171A.
• Make and defend final determinations (MET / NOT MET / NOT APPLICABLE) for each requirement and oversee scoring and results.
• Assign and supervise the work of Certified CMMC Assessors (CCAs) and supporting personnel, ensuring consistent application of CMMC assessment methodology.
• Author and review the final assessment report and the Certificate of CMMC Status recommendation, and manage Plan of Action and Milestones (POA&M) closeout assessments within the 180-day window.
• Serve as the primary point of contact with the OSC and coordinate with the C3PAO quality assurance function throughout the engagement.
• Ensure all assessment activities comply with the Cyber AB Code of Professional Conduct, conflict-of-interest, ethics, and impartiality requirements, and with ISO/IEC 17020:2012 procedures.
• Mentor and develop CCAs and Certified CMMC Professionals (CCPs) and contribute to continuous improvement of assessment practices.