CMMC Assessor

CMMC Certified Assessor (CCA) or Certified Professional (CCP). CISSP, CISM, CISA, CRISC or other related certification. 2 minimum years of experience testing and documenting IT security controls including experience managing and facilitating external IT audits. 2 minimum years of experience leading external or internal audits, e.g., CMMC, FedRAMP, ISO 27001, PCI. 2 minimum years of experience with cybersecurity. Self-driven, with a strong desire to succeed. Ability to engage with customers/executives and foster positive relationships. Exceptional communicator and ability to relay complex technical concepts to non-technical audience.

Conducting formal assessments of organizations’ cybersecurity practices against using the CMMC assessment process (CAP). Collaborate with client organizations to plan assessments, develop assessment schedules, and ensure readiness. Assess the effectiveness of security measures practices and ensure they align with the CMMC practices and processes for the assigned maturity level. Interview key personnel within the organization to understand how cybersecurity practices are implemented and maintained. Collect and evaluate sufficiency and adequacy of evidence, such as system logs, incident reports, and audit trails, to verify implementation. Maintain an objective and unbiased stance during the assessment process, ensuring that conclusions are based on facts and evidence. Ensure that all documentation is properly prepared for submission to the eMASS if the organization is seeking certification. Assist with the development of our CRC (Cyber Risk & Compliance) delivery processes and methodologies. Lead with a “customer first” attitude and be an exhibitor of 112Cyber’s Core Values, as an example to other team members.