Certified CMMC Assessor

Duties And ResponsibilitiesThe Certified CMMC Assessor (CCA) leads formal CMMC assessments and may also support readiness and pre-assessment advisory engagements, provided independence and objectivity are maintained. This role is responsible for assessment leadership, control evaluation, and final compliance determinations, while ensuring adherence to the CMMC Assessment Process (CAP).Readiness & Pre-Assessment AdvisoryLead or support readiness reviews and mock assessmentsEvaluate organizational preparedness for CMMC certificationProvide guidance on:Certification boundary definitionControl implementation expectationsPolicy and Procedure development and evaluationEvidence sufficiency and documentation qualityIdentifyrisks that mayimpactassessment outcomesAbility to understand technical solutions to stratify controlimplantationMinimum Experience7–10 years of experience in:CybersecurityIT audit or assessmentsRisk management and complianceInformation security program management3–5 years in a lead role involving:Assessments, audits, or compliance programsDecision-making authority over control evaluationRequired SkillsExperience working with or within3PAOs or accredited assessment bodiesFamiliarity with federal frameworks such as:FedRAMPDFARS 252.204-7012(Safeguarding) and DFARS 252.204-7021(CMMC Requirements) Experience assessing complex environments (cloud, hybrid, MSPs, enclaves)Strong judgment and decision-making authorityDeepexpertisein control evaluation and evidence validationAbility to assess ambiguous or partially implemented controlsExecutive-level communication and stakeholder engagementHigh ethical standards and professional integrityConsiderationsMust avoid conflicts of interestin accordance withapplicable CMMC ecosystem expectations