Skip to content

Join the CyberNINES team as a Certified CMMC Assessor (CCA) 

Become an integral part of our growing cybersecurity practice. As a CCA at CyberNINES, you will serve as a subject matter experts during CMMC Level 2 assessments, collaborate with CyberNINES team members, other C3PAO and our clients while contributing to the advancement of secure practices across the Defense Industrial Base (DIB). 

Cybersecurity Analysts (3)

Responsibilities:

  • CMMC Assessment Execution: Conduct formal CMMC Level 2 assessments per Cyber-AB guidelines, including documentation reviews, interviews, and technical validations
  • Assessment Documentation & Reporting: Collect and evaluate evidence, document findings and scores, and support reporting for internal review and official submission
  • Client Communication: Serve as a trusted advisor to clients, clearly communicating assessment criteria, observations, and outcomes; provide feedback and insights on remediation where applicable
  • Framework Expertise: Maintain deep knowledge of CMMC, NIST SP 800-171, and DoD cybersecurity requirements; support continuous improvement of assessment methodologies
  • Professional Development: Maintain required CCA certifications and stay current with evolving cybersecurity standards and best practices
Internship Page Image (1)

Required Qualifications:

  • Must be a U.S. Citizen (all employees are subject to security screening)
  • Possess Tier 3 Suitability
  • Active CCA or Lead CCA certification from the Cyber-AB
  • Bachelor's degree in Cybersecurity, Information Technology, Engineering, or related field; or equivalent Professional experience
  • Strong understanding of NIST SP 800-171, CMMC framework, and DoD cybersecurity requirements
  • Exceptional written and verbal communication skills with meticulous attention to detail
  • Proven ability to work independently and collaboratively in a remote/hybrid environment
  • Willingness to travel (approximately 40%

Preferred Qualifications:

  • Familiarity with ISO 27001, CIS Controls, and industry security best practices
  • Knowledge of NIST 800 series guidance for network security
  • Understanding of common vulnerabilities, system configurations, and IT security principles across cloud and on-premises environments
  • Proficiency in Microsoft Suite and GRC software platforms
  • Additional certifications (CISSP, CISA, CEH, or similar)

Experience Requirements (by level):

Entry-Level CCA:

  • Newly certified CCA with limited or no assessment experience
  • 1-2 years of experience in cybersecurity, IT security, or related field
  • Familiarity with cybersecurity frameworks and compliance standards
  • Strong desire to learn assessment methodologies

Mid-Level CCA:

  • 20+ completed Level 2 CMMC assessments
  • 2-4 years of experience conducting cybersecurity assessments or working in highly regulated environments
  • Demonstrated expertise in NIST SP 800-171 and CMMC Level 2 requirements
  • Experience with GRC tools and assessment documentation

Lead CCA:

  • 10+ assessments completed in a lead assessor role
  • 4+ years of experience conducting formal cybersecurity assessments
  • Proven track record leading assessment teams and managing client relationships
  • Deep expertise across multiple frameworks (CMMC, NIST 800-171, ISO 27001, CIS Controls)
  • Experience mentoring junior assessors

Apply Today!