CMMC Certified Assessor CCA

Benefits:

• 401(k)
• Competitive salary
• Health insurance
• Paid time off
• Dental insurance
• Vision insurance

This is a full-time position for a CMMC Certified Assessor (CCA) at Cyber Rx, Inc. You need to be listed as a CCA in the Cyber Ab.org Marketplace. The individual will serve as a member of assessment teams, supporting CMMC Level 2 engagements for Organizations Seeking Certification (OSCs). Responsibilities include performing evidence reviews, conducting interviews, validating compliance with NIST 800-171 and CMMC requirements, and contributing to assessment documentation.

This role is ideal for professionals who enjoy the technical rigor of cybersecurity assessments and prefer to focus on execution and analysis rather than team leadership or supervisory duties.

Cyber Rx, Inc. is a Cyber AB authorized Certified Third-Party Assessor Organization (C3

PAO) in the Cybersecurity Maturity Model Certification (CMMC) ecosystem, providing CMMC assessments for defense contractors and organizations within the Defense Industrial Base (DIB). As one of the first companies authorized as a C3

PAO in 2022, our head start reflects both credibility and proven expertise in cybersecurity standards and regulatory frameworks;
Cyber Rx is a trusted partner in helping organizations navigate the CMMC journey with confidence.

That is what we do, but who we are is why our clients trust us.

We are experienced assessors, and cybersecurity experts, but above all, we are a passionate team of problem‑solvers and collaborators dedicated to safeguarding national security and committed to partnering with our clients to achieve their compliance and security goals.

• Support CMMC assessment activities in accordance with the CMMC Assessment Process (CAP), Cyber AB requirements, and Cyber Rx’s Quality Management System.
• Perform detailed reviews of evidence, artifacts, and objective data to validate compliance with CMMC Level 2 and NIST SP 800-171 Rev 2 security requirements.
• Conduct or participate in interviews with client personnel to verify implementation of practices and processes.
• Document assessment observations, findings, and supporting rationale in the company’s secure project management and assessment platforms.
• Collaborate with the Lead CCA and other assessment team members to ensure accuracy, consistency, and completeness of assessment results.
• Participate in readiness and scoping reviews during the Preliminary Proceedings Phase to confirm assessment scope and organizational boundaries.
• Assist in developing and maintaining assessment deliverables, including assessment plans, work papers, and summary reports.
• Maintain confidentiality and comply with all security requirements related to handling Controlled Unclassified Information (CUI).
• Complete mandatory and role‑based training on CUI protection, cybersecurity awareness, and insider‑threat prevention.
• Stay current with updates to the CMMC framework, CAP process, and related federal cybersecurity standards.
• Contribute to continuous improvement activities, lessons‑learned reviews, and internal quality initiatives.

• Certification as a Certified Assessor (CCA)
• Affirmative Tier 3 (T3) adjudicated background investigation (active or favorably adjudicated)
• 2–3 years of cybersecurity or IT audit/assessment experience (for CCP)
• 5 years of cybersecurity or IT audit/assessment experience (for CCA)
• Strong working knowledge of CMMC Level 2 and NIST SP 800-171 Rev 2 security requirements
• Demonstrated ability to analyze technical evidence and interpret compliance artifacts
• Excellent written and verbal communication skills for team collaboration and client interaction

Education:

Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)

This is a remote position.