Certified CMMC Assessor
DigiFlight, Inc. · Columbia, MD · 2 mo ago
ManagementFull-time
Duties And Responsibilities
- Leads formal CMMC assessments and supports readiness and pre-assessment advisory engagements.
- Evaluates organizational preparedness for CMMC certification.
- Provides guidance on:
- Certification boundary definition
- Control implementation expectations
- Policy and Procedure development and evaluation
- Evidence sufficiency and documentation quality
- Identifies risks that may impact assessment outcomes
- Able to understand technical solutions to stratify control implementation
Minimum Experience
- 7–10 years of experience in: Cybersecurity, IT audit or assessments, Risk management and compliance, Information security program management
- 3–5 years in a lead role involving: Assessments, audits, or compliance programs, Decision-making authority over control evaluation
Required Skills
- Experience working with or within 3PAOs or accredited assessment bodies
- Familiarity with federal frameworks such as: FedRAMP, DFARS 252.204-7012(Safeguarding), and DFARS 252.204-7021(CMMC Requirements)
- Experience assessing complex environments (cloud, hybrid, MSPs, enclaves)
- Strong judgment and decision-making authority
- Deep expertise in control evaluation and evidence validation
- Able to assess ambiguous or partially implemented controls
- Executive-level communication and stakeholder engagement
- High ethical standards and professional integrity