Certified CMMC Professional
DigiFlight, Inc. · Columbia, MD · 2 mo ago
OTHRFull-time
Duties And Responsibilities
- Evaluate an organization’s cybersecurity practices against CMMC requirements
- Contribute to control implementation validation, documentation analysis, and assessment execution
- Ensure alignment with the CMMC Assessment Process (CAP)
Readiness & Advisory Support
- Support organizations in preparing for CMMC Level 1 and Level 2 certification
- Perform gap assessments against: CMMC requirements, NIST SP 800-171 controls
- Aid in the development and refinement of: System Security Plans (SSPs), POA&Ms
- Identify and remediate control deficiencies prior to formal assessment
- Provide guidance on: Control implementation expectations, Evidence requirements, Certification boundary considerations
Minimum Experience
- 3–5 years of experience in: Cybersecurity, IT audit or compliance, Governance, Risk, and Compliance (GRC), Information systems or IT operations
- Working knowledge of: CMMC Level 1 and Level 2 requirements, NIST SP 800-171, CMMC Assessment Process (CAP), FedRAMP, SOC 2
Required Skills
- Experience supporting: Security assessments or audits, Compliance frameworks (e.g., FedRAMP, SOC 2, ISO 27001), DoD contractor environments and Controlled Unclassified Information (CUI)
- Familiarity with analytical thinking and attention to detail
- Strong written and verbal communication skills
- Ability to operate in both advisory and assessment roles with discipline