Mid-level Quality Assurance Individual, CMMC Assessments (CCA) (0001)

OCT Consulting, LLC

$72K — $104K *
Technical Services
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship is mandatory for this role.
  • Active Certified CMMC Assessor (CCA) certification required.
  • Ability to maintain a favorable Tier 3 background investigation.
  • Bachelor's degree in cybersecurity, IT, quality management, or related field or equivalent experience.
  • Typically 6+ years of experience in cybersecurity, information assurance, audit, or quality.
  • Knowledge of ISO/IEC 17020:2012 and internal auditing practices.
  • Familiarity with NIST SP 800-171 and 32 CFR Part 170.

Responsibilities

  • Provide independent quality assurance review of CMMC Level 2 assessments.
  • Review assessment plans, evidence packages, working papers, and final reports.
  • Maintain and improve the C3PAO quality management system per ISO/IEC 17020:2012.
  • Verify adherence to NIST SP 800-171A assessment procedures.
  • Identify nonconformities and track corrective actions.
  • Ensure assessment records are complete and maintained as per policy.
  • Maintain independence from assessment teams to ensure quality impartiality.

Benefits

  • Remote-eligible position with occasional travel to client sites.
  • Opportunity to work in a growing compliance field with a focus on cybersecurity.
  • Engagement with a certified C3PAO practice for professional development.
  • Potential part-time or full-time flexible work arrangement.
Full Job Description
Quality Assurance Individual, CMMC Assessments (CCA)

OCT currently has an opening for a Quality Assurance Individual, CMMC Assessments (CCA) to support the build-out of OCT's CMMC Certified Third-Party Assessment Organization (C3PAO) practice. This position provides independent quality oversight of CMMC Level 2 certification assessments and must hold an active CCA certification. The role is named alongside the assessment team in the CMMC Level 2 assessment process and is subject to the same background investigation requirement.

Day to day responsibilities include:
  • Provide independent quality assurance review of CMMC Level 2 certification assessments, ensuring methodology, evidence sufficiency, scoring, and determinations are consistent, complete, and defensible.
  • Review assessment plans, evidence packages, working papers, and final reports prior to issuance of any Certificate of CMMC Status.
  • Maintain and continuously improve the C3PAO quality management system in alignment with ISO/IEC 17020:2012 and Cyber AB requirements.
  • Verify adherence to NIST SP 800-171A assessment procedures and to the Cyber AB Code of Professional Conduct, conflict-of-interest, ethics, and impartiality requirements.
  • Identify nonconformities, track corrective actions, and support internal audits and management reviews.
  • Ensure assessment records are complete and retained per policy, and support DIBCAC and Cyber AB oversight and surveillance activities.
  • Maintain independence from the assessment teams whose work is being reviewed in order to preserve impartiality of the quality function.

Requirements

  • Must be a U.S. Citizen. U.S. citizenship is mandatory for this role because all personnel participating in the CMMC Level 2 certification assessment process must complete a Tier 3 background investigation resulting in a determination of national security eligibility.
  • Active Certified CMMC Assessor (CCA) certification in good standing (required for this role in addition to quality responsibilities).
  • Must be able to obtain and maintain a favorable Tier 3 background investigation resulting in a national security eligibility determination (this is not a security clearance and is not for the purpose of government employment). The investigation will involve a credit, fingerprint, and law enforcement agency check.
  • Bachelor's degree in cybersecurity, information technology, quality management, or a related field, or equivalent professional experience.
  • Typically 6+ years of cybersecurity, information assurance, audit, or quality experience, including NIST SP 800-171 / CMMC.
  • Knowledge of ISO/IEC 17020:2012, quality management systems, and internal auditing practices.
  • Familiarity with NIST SP 800-171 Rev 2, NIST SP 800-171A, and 32 CFR Part 170.
  • Certifications such as CISA, ISO 17020 / quality auditor credentials, or CISSP preferred.
  • Strong attention to detail, sound independent judgment, and the ability to maintain impartiality.
  • Location / on-site: Remote-eligible with occasional to client sites travel as required.


Salary Range: $35- $50 hourly commensurate with experience, education, etc. This role may be available as either a part-time or full-time opportunity.

Similar Jobs

More Jobs at OCT Consulting, LLC

More Technical Services Jobs

Find similar Mid-level Quality Assurance Individual, CMMC Assessments (CCA) (0001) jobs: