Lead Certified CMMC Assessor (CCA) - (Hybrid 1-day onsite)

Hybrid in Silver Spring, MD, US • Posted 11 days ago • Updated 11 days ago

Full Time

No Travel Required

Hybrid

Depends on Experience

Fitment

Dice Job Match Score™

👾 Reticulating splines...

Job Details

Skills

GRC
CMMC
ASSESSMENT
CCA
LCCA
CMMC Assessment Process
CAP
C3PAO
NIST
POA&Ms
SSPs
NIST SP 800-171
Cyber
eMASS

Summary

Job Title: Lead Certified CMMC Assessor (CCA)
Location: Silver Spring, MD (Hybrid, 1-day onsite)
Clearance Required: None
Salary Range: $120K-$150K
Application Deadline: March 31, 2026

To apply, please follow these steps:

Visit .
Select the position you are interested in.
Review the job details, then click Apply Now.
Complete and submit your application.

Description

IBSS is seeking a Lead Certified CMMC Assessor (CCA) to serve as the cornerstone of our CMMC initiatives. This is a high-visibility leadership role requiring a rare blend of technical expertise, regulatory precision, and emotional intelligence. You will not be just checking boxes; you will be navigating the complexities of the CMMC Assessment Process (CAP) while ensuring our clients, and our internal team, are prepared for the rigors of CMMC compliance.

You will act as the primary authority for formal C3PAO assessments, making critical determinations on practice implementation while maintaining the highest ethical standards to prevent conflicts of interest. When not leading formal assessments, you will leverage your expertise to help small-to-mid-sized defense contractors translate complex NIST 800-171 requirements into sustainable business operations.

We are looking for a professional who possesses strong interpretive judgment. You can evaluate diverse technical architectures and confidently determine if they satisfy CMMC requirements. You will serve as a "Teacher-Leader" who excels at clarifying complex requirements for clients and colleagues alike. As an added bonus, IBSS is the perfect home for your career if you value a culture that prioritizes volunteerism and community impact.

Key Responsibilities:

< data-path-to-node="7">CMMC Assessment Leadership (C3PAO Operations)

Lead Formal Assessments: Serve as the Assessment Team Leader for CMMC Level 2 assessments; manage the end-to-end assessment lifecycle in accordance with the CMMC Assessment Process (CAP).
Quality & Ethics Oversight: Ensure all assessment activities strictly adhere to the Cyber AB Code of Professional Conduct and maintain rigorous protocols to prevent conflicts of interest between consulting and assessment clients.
Evidence Validation: Review and validate complex evidence provided by Organizations Seeking Certification (OSCs) to determine practice implementation and meta-data sufficiency.
Reporting: Author and certify Final Assessment Reports (FAR) and ensure all findings are accurately uploaded into the CMMC Enterprise Mission Assurance Support Service (eMASS).

< data-path-to-node="9">CMMC Readiness & GRC Strategy

Pre-Assessment Coaching: Lead non-assessment clients through gap analyses, readiness reviews, and documentation development (e.g., SSPs and POA&Ms).
Framework Mapping: Translate complex NIST SP 800-171 requirements into actionable business processes for diverse client environments.
Artifact Orchestration: Assist clients in building robust Evidence Packages that tell a clear story of compliance to an external C3PAO.

Required Skills /Education/ Certifications & Qualifications:

< data-path-to-node="13">Assessment Expertise

Demonstrated Lead Assessor History: Minimum of six (6) years of experience specifically performing and leading formal cybersecurity assessments against high-assurance frameworks (e.g., NIST SP 800-53, 800-171, FedRAMP, or ISO 27001).
Assessment Methodology: Deep familiarity with the CMMC Assessment Process (CAP) and the NIST SP 800-171A assessment objectives.
Interpretive Judgment: Proven ability to evaluate diverse technical architectures (on-prem, GCC High, hybrid) and determine if they satisfy regulatory objectives.

< data-path-to-node="15">Professional Certifications

Certified CMMC Assessor (CCA): Must hold a current, valid CCA certification from the Cyber AB.
Certified CMMC Professional (CCP): Must have successfully completed the CCP prerequisite.
Baseline Certification: Must maintain at least one DoD-approved baseline certification (i.e., CISA, CISM, or CISSP).

< data-path-to-node="17">Education & General Experience

Career Tenure: At least ten (10) years in cybersecurity GRC, IT audit, or compliance program support.
Education: Bachelor's degree or higher in a relevant technical or business field.
Communication: Exceptional technical writing and presentation skills, with the ability to resolve conflicts in high-stakes compliance environments.

Desired Skills:

Experience teaching, coaching, or mentoring junior Certified CMMC Professionals (CCPs).
Active participation in the Cyber AB ecosystem or related federal cybersecurity working groups.
Strong project management discipline and the ability to manage multiple engagement timelines simultaneously.

About IBSS Corp.

Since 1992, IBSS, a woman-owned small business, has provided transformational consulting services to the Federal defense, civilian, and commercial sectors. Our services include cybersecurity and enterprise information technology, environmental science and engineering (including oceans, coasts, climate, and weather), and professional management services.

Our approach is to serve our employees by investing in their growth and development. As a result, our employees bring greater capabilities and provide exceptional service to our clients. In addition to creating career development opportunities for our employees, IBSS is passionate about giving back to the community and serving the environment. We strive to leave something better behind for the next generation.

We measure our success by the positive impact we have on our employees, clients, partners, and the communities we serve. Our tagline, Powered by Excellence, is a recognition of the employees that make up IBSS and ensures we deliver results with quality, applying industry best practices and certifications.

IBSS offers a competitive benefits package that includes medical, dental, vision, and prescription drug coverage with a company-paid deductible, paid time off, federal holidays, a matching 401K plan, tuition/professional development reimbursement, and Flex-Spending (FSA)/Dependent Care Account (DCA) options.

IBSS is an affirmative action and equal opportunity employer. All qualified applicants will be considered for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Click to see that the EEO is the law. Please direct any inquiries to the HR department email at

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to the Talent Acquisition Department at

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10189480
Position Id: 8896014
Posted 11 days ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Security Control Assessor

Washington, District of Columbia

•

Today

Job#: 3021496 Job Description: For immediate response, please send to : WORD resume, desired hourly/salary rate, and best time to speak! Please include job ID as well. Job ID: 3021496 Position: Security Control Assessor Location: Washington, DC (100% ONSITE) Duration: Long Term Contract, potential Contract to Hire MUST HAVES: Must be able to obtain and maintain a Secret Clearance | Bachelor's & 5+ Years of Experience | IAT Level II Certification (please send copy)Experience STIG Viewer, eMA

Easy Apply

Full-time

Cybersecurity Compliance Analyst/Active Secret Clearance- 5 days onsite Fort Meade, MD

Arlington, Virginia

•

Today

Cybersecurity Compliance Analyst We're looking for a mid-level Information Systems Security Officer (ISSO) to support our cybersecurity program in securing both classified and unclassified environments. This role is responsible for maintaining compliance with federal and organizational security requirements, assisting with Risk Management Framework (RMF) processes, and supporting system accreditation and ongoing continuous monitoring efforts. The company is located in Fort Meade, MD and will be

Easy Apply

Full-time

$140000 - $150000

Chief Cybersecurity Architect

Arlington, Virginia

•

Today

Modern Technology Solutions, Inc. (MTSI) is seeking an experienced Chief Cybersecurity Architect Compliance Architect to play a key leadership role in designing and authorizing secure systems for Next Generation Missile Defense and other classified DoD initiatives. As the Chief Cybersecurity Architect, you will provide strategic direction and technical expertise on system authorizations, cybersecurity compliance, and the integration of secure digital ecosystems within classified environments. By

Full-time

Cyber-Supply Chain Risk Management (C-SCRM) SME Analyst

Alexandria, Virginia

•

Today

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced SCRM Analyst SME to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations. In this role, you will work alongside government partners, engineers, and o

Full-time

USD 131,300.00 - 237,350.00 per year

Search all similar jobs