Description
We are seeking an experienced cybersecurity and compliance professional to serve as a Lead CMMC Assessor (CCA), supporting Certified Third-Party Assessment Organizations (C3PAOs) in the execution of CMMC assessments. This role will primarily focus on leading assessment teams through the planning, execution, documentation, and reporting phases of CMMC certification assessments. The individual will operate as an independent contractor supporting multiple C3PAOs while representing IGI's commitment to professionalism, quality, and cybersecurity excellence.
Requirements
- Serve as Lead Assessor for CMMC certification assessments conducted on behalf of authorized C3PAOs.
- Lead assessment teams through all phases of the assessment lifecycle, including assessment planning, scoping validation, evidence review, interviews, testing activities, and reporting.
- Coordinate assessment activities with client stakeholders, C3PAO personnel, and fellow assessment team members.
- Evaluate objective evidence against CMMC assessment requirements and applicable assessment guides.
- Conduct interviews with executive, operational, and technical personnel to validate implementation of security practices.
- Document assessment observations, findings, and evidence in accordance with CMMC assessment methodology and C3PAO requirements.
- Exercise professional judgment in evaluating evidence sufficiency, consistency, and compliance with assessment objectives.
- Provide leadership and mentoring to assessment team members, ensuring high-quality and consistent assessment execution.
- Communicate assessment status, risks, concerns, and results to assessment sponsors, client leadership, and C3PAO representatives.
- Support quality assurance and quality control activities associated with assessment deliverables and reporting.
- Maintain independence, objectivity, and professional conduct throughout all assessment activities.
- When not engaged in CMMC assessments, support cybersecurity consulting engagements, readiness assessments, gap assessments, risk assessments, and related compliance initiatives.
- Assist organizations with CMMC readiness activities, SSP reviews, POA&M development, and remediation planning as needed.
Desired Certifications & Licenses:
- Certified CMMC Assessor (CCA) – Required
- Certified CMMC Professional (CCP)
- CISSP, CISM, CRISC, CISA, or equivalent cybersecurity certification
- Lead Auditor or formal assessment methodology training preferred
Salary Description
$120,000-$170,000 commensurate with experience