Jobs · Management

CMMC Certified Assesor (CCA)

Insight Assurance · Tampa, FL · 3 mo ago
RemoteRemoteManagementFull-time

About the role

We are seeking a highly qualified CMMC Certified Assessor (CCA) to lead and execute cybersecurity compliance assessments for defense contractors and suppliers handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).

Responsibilities

  • Lead and/or participate as a CMMC Certified Assessor (CCA) in official CMMC assessments and readiness reviews for Level 1 and Level 2 certifications under CMMC 2.0.
  • Perform gap analyses comparing client environments against CMMC, NIST SP 800-171/172, and other relevant frameworks.
  • Review, validate, and document compliance artifacts including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), security policies, and technical evidence.
  • Conduct stakeholder interviews, review control implementations, and determine compliance status for required practices and processes.
  • Provide detailed assessment reports, identifying findings, risks, and actionable recommendations for remediation.
  • Collaborate with client teams (IT, InfoSec, Risk, Audit) to build and execute remediation plans that support certification readiness.
  • Stay current with evolving DoD cybersecurity requirements, CMMC 2.0 program updates, and related standards (e.g., NIST CSF, ISO 27001).
  • Communicate assessment results effectively to technical and executive audiences, including C-suite and compliance leadership.
  • Mentor junior team members and contribute to continuous improvement of the company’s CMMC assessment methodology and templates.

Requirements

  • Active CMMC Certified Assessor (CCA) credential issued by The Cyber AB (Cyber Accreditation Body).
  • U.S. Citizenship (required for DoD-related engagements).
  • 5+ years of professional experience in cybersecurity, compliance, or audit within regulated or defense-related environments.
  • In-depth understanding of CMMC 2.0, NIST SP 800-171/172, and DFARS 252.204-7012/7019/7020 requirements.
  • Proven experience conducting technical security assessments, gap analyses, and compliance reviews.
  • Strong analytical, organizational, and written communication skills.
  • Ability to manage multiple concurrent assessments and client engagements independently.

Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related discipline (or equivalent work experience).
  • Additional certifications such as CISSP, CISM, CISA, CAP, or Security+ preferred.
  • Experience working for or with a Certified Third-Party Assessment Organization (C3PAO) preferred.
  • Familiarity with government cloud environments (e.g., Microsoft GCC High, AWS GovCloud) preferred.
  • Active or previously held DoD security clearance (Tier 3 or above) preferred.

Skills

  • Deep knowledge of CMMC 2.0, NIST SP 800-171/172, and DFARS 252.204-7012/7019/7020 requirements.
  • Proven experience conducting technical security assessments, gap analyses, and compliance reviews.
  • Strong analytical, organizational, and written communication skills.
  • Ability to manage multiple concurrent assessments and client engagements independently.

Benefits

  • Flexible Paid Time Off and paid Holidays
  • Performance Bonuses
  • 100% Remote
  • Competitive salary and benefits package
  • Opportunities for professional growth and development
  • Collaborative and innovative work environment

Similar jobs

CMMC Consultant, CCA

ClearwaterNashville, TN· 1 wk ago
RemoteConsultingapply on recruiting.paylocity.com