Certified CMMC Assessor

DigiFlight

$90K — $130K *
Technical Services
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 7-10 years in cybersecurity, IT audit, or risk management
  • 3-5 years in a leadership role for assessments or compliance programs
  • Experience with accredited assessment bodies and 3PAOs
  • Familiarity with federal frameworks such as FedRAMP
  • Ability to assess complex IT environments (cloud, hybrid)
  • Expertise in control evaluation and evidence validation
  • Strong judgment and decision-making capacity

Responsibilities

  • Lead formal CMMC assessments ensuring compliance with the CMMC Assessment Process
  • Support readiness reviews and mock assessments for CMMC certification
  • Evaluate organizational preparedness for certification
  • Provide guidance on control implementation and policies
  • Identify risks that may impact assessment outcomes
  • Communicate assessment findings to executives and stakeholders

Benefits

  • Professional development opportunities
  • Flexible working arrangements
  • Collaborative and inclusive work environment
  • Access to industry-leading resources and technologies
Full Job Description
Duties and Responsibilities

The Certified CMMC Assessor (CCA) leads formal CMMC assessments and may also support readiness and pre-assessment advisory engagements, provided independence and objectivity are maintained. This role is responsible for assessment leadership, control evaluation, and final compliance determinations, while ensuring adherence to the CMMC Assessment Process (CAP).

Readiness & Pre-Assessment Advisory
  • Lead or support readiness reviews and mock assessments
  • Evaluate organizational preparedness for CMMC certification
  • Provide guidance on:
      • Certification boundary definition
      • Control implementation expectations
      • Policy and Procedure development and evaluation
      • Evidence sufficiency and documentation quality
  • Identify risks that may impact assessment outcomes
  • Ability to understand technical solutions to stratify control implementation


Minimum Experience

7-10 years of experience in:
  • Cybersecurity
  • IT audit or assessments
  • Risk management and compliance
  • Information security program management

3-5 years in a lead role involving:
  • Assessments, audits, or compliance programs
  • Decision-making authority over control evaluation


Required Skills
  • Experience working with or within 3PAOs or accredited assessment bodies
  • Familiarity with federal frameworks such as FedRAMP
  • Experience assessing complex environments (cloud, hybrid, MSPs, enclaves)
  • Strong judgment and decision-making authority
  • Deep expertise in control evaluation and evidence validation
  • Ability to assess ambiguous or partially implemented controls
  • Executive-level communication and stakeholder engagement
  • High ethical standards and professional integrity

Considerations
  • Must avoid conflicts of interest in accordance with applicable CMMC ecosystem expectations
