Certified CMMC Assessor (CCA) OCT currently has an opening for a Certified CMMC Assessor (CCA) to support the build-out of OCT's CMMC Certified Third-Party Assessment Organization (C3PAO) practice. This position conducts CMMC Level 2 certification assessment activities as a member of the assessment team under the direction of the Lead Certified CMMC Assessor.
Day to day responsibilities include:- Conduct CMMC Level 2 certification assessment activities as a member of the assessment team under the direction of the Lead Assessor (LCCA).
- Examine documentation and artifacts, interview personnel, and test security controls across the 110 NIST SP 800-171 Rev 2 requirements using NIST SP 800-171A methods.
- Document findings and recommend MET / NOT MET / NOT APPLICABLE determinations for assigned requirements, with supporting evidence.
- Support development of the assessment plan, scope validation, and pre-assessment readiness reviews.
- Contribute to the assessment report and support POA&M closeout activities within the required timeframe.
- Maintain assessment evidence and working papers in accordance with C3PAO procedures and ISO/IEC 17020:2012.
- Adhere to the Cyber AB Code of Professional Conduct, conflict-of-interest, ethics, and impartiality requirements at all times.
Requirements- Must be a U.S. Citizen. U.S. citizenship is mandatory for this role because all personnel participating in the CMMC Level 2 certification assessment process must complete a Tier 3 background investigation resulting in a determination of national security eligibility.
- Active Certified CMMC Assessor (CCA) certification in good standing.
- Must be able to obtain and maintain a favorable Tier 3 background investigation resulting in a national security eligibility determination (this is not a security clearance and is not for the purpose of government employment). The investigation will involve a credit, fingerprint, and law enforcement agency check.
- Bachelor's degree in cybersecurity, information technology, information systems, or a related field, or equivalent professional experience.
- Typically 4+ years of cybersecurity or information assurance experience, including exposure to NIST SP 800-171 / CMMC.
- Additional certifications such as CompTIA Security+, CISSP, CISA, or CCP preferred.
- Strong documentation, analytical, and communication skills.
- Location / on-site: Remote-eligible with availability to travel to client sites for on-site assessment activities as required.
Salary Range: $35- $50 hourly commensurate with experience, education, etc. This role may be available as either a part-time or full-time opportunity.Benefits 
