Senior Assessor (CCA)

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or related field (Master’s a plus).
• Minimum of 3+ years of experience in cybersecurity, information assurance, third-party assessments, or compliance (experience with other C3PAOs, assessor organization or consulting firm strongly preferred).
• Demonstrated experience conducting assessment engagements under frameworks such as CMMC, NIST SP 800-171/800-53, FedRAMP, GovRAMP, NIST RMF, or similar.
• Strong technical understanding of cybersecurity controls, risk-based assessment methodologies, and audit criteria.
• Excellent communication skills, with experience translating technical cyber and compliance issues into business-focused insights for senior leadership.
• Ability to travel (domestic and possibly international) to client sites for assessments or audits (travel % to be determined).
• Candidate will already have successfully undergone and completed the required DoD CMMC Tier 3 background investigation for immediate placement on assessments.
• Recognized CCA (verifiable on CyberAB marketplace) OR recognized CCP with strong understanding and experience in RMF for DoD IT or FedRAMP/DISA’s FedRAMP+

Nice To Haves

• Experience with cloud environments (SaaS, IaaS, PaaS), DevSecOps, identity & access management, penetration testing or GRC toolsets.
• Previous experience in business development or growth of an assurance services practice.

Responsibilities

• Manage projects (referred to as engagements): scope validation, client readiness, assessment performance, report preparation, findings remediation (for advisory engagements), certification recommendations, and quality assurance to meet USG standards.
• Serve as a point of contact for client stakeholders (Security or IT Manager, GRC POCs, program or product managers).
• Mentor staff assessors, consultants, and technical practitioners, ensuring accurate understanding of deliverable contribution expectations, quality of deliverables, and adherence to accreditation standards.
• Contribute to the standardization of team services by developing and implementing support for playbooks, templates, job aides, and tools for efficient assessment deployment across client sites and systems.
• Build content to support marketing and sales efforts, e.g., blog posts, thought leadership pieces, videos, etc.
• Maintain up-to-date awareness of regulatory standards and accreditation changes to the frameworks listed above, and integrate these changes into assessment/advisory thinking.
• Communicate complex technical findings and cybersecurity risks to non-technical leadership, providing actionable recommendations.

Benefits

• Medical, Dental, and Vision Insurance on the first day of employment
• Flexible Spending Account and Dependent Care Account
• 401k with Profit Sharing
• 9+ holidays and discretionary time off structure
• Parental Leave – coverage for both primary and secondary caregivers
• Tuition Assistance Program and CPA support program with cash incentive upon completion
• Discretionary incentive compensation based on firm, group and individual performance
• Incentive compensation related to origination of new client sales
• Top rated wellness program
• Flexible working environment including remote and hybrid options