CMMC Assessor
Own The Role:
SP6 is seeking a compliance professional ready to take the next step in their career! In this role, you will play a key part in delivering CMMC C3PAO assessments for organizations pursuing certification, while also contributing to advisory services that support our clients' broader compliance objectives.
Joining our Compliance team, you will see your impact across the company as you take ownership over customer projects and advising our platform team on the different compliance rules.
How You’ll Drive Success:
CMMC Assessments
- Conducting formal assessments of organizations’ cybersecurity practices against using the CMMC assessment process (CAP).
- Collaborate with client organizations to plan assessments, develop assessment schedules, and ensure readiness
- Assess the effectiveness of security measures practices and ensure they align with the CMMC practices and processes for the assigned maturity level.
- Interview key personnel within the organization to understand how cybersecurity practices are implemented and maintained.
- Collect and evaluate sufficiency and adequacy of evidence, such as system logs, incident reports, and audit trails, to verify implementation.
- Maintain an objective and unbiased stance during the assessment process, ensuring that conclusions are based on facts and evidence.
- Ensure that all documentation is properly prepared for submission to the eMASS if the organization is seeking certification.
- All team members – from leadership to individual contributors – will also assist with the development of our CRC (Cyber Risk & Compliance) delivery processes and methodologies.
Other Responsibilities
- Lead with a “customer first” attitude and be an exhibitor of SP6’s Core Values, as an example to other team members
To Be Successful:
- CMMC Certified Assessor (CCA) or Certified Professional (CCP).
- CISSP, CISM, CISA, CRISC or other related certification.
- 2 minimum years of experience testing and documenting IT security controls including experience managing and facilitating external IT audits.
- 2 minimum years of experience leading external or internal audits, e.g., CMMC, FedRAMP, ISO 27001, PCI.
- 2 minimum years of experience with cybersecurity.
- Self-driven, with a strong desire to succeed.
- Ability to engage with customers/executives and foster positive relationships.
- Exceptional communicator and ability to relay complex technical concepts to non-technical audience.
Why SP6?
- The chance to be part of a winning team and a premier C3PAO.
- Competitive salary.
- Quarterly Bonus plan.
- Employer-paid health insurance.
- 401(k) with company match.
- 30 days annual paid time off.
- Significant Training and Development and Certification attainment.
- Opportunity for long term career advancement.
- Your contributions are felt and recognized at our growing company.
About SP6/ASCERA:
SP6 is an industry recognized C3PAO (Certified Third-Party Assessor Organization) dedicated to assisting organizations in effectively identifying and managing cyber risks while ensuring compliance with industry standards, federal laws, and regulations.
SP6 has developed, ASCERA, a powerful automation tool bringing security and compliance teams closer together by providing real-time testing of security controls to determine effectiveness and gather system generated evidence.
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Lead legal strategy for a fast-growing SaaS company as In-House Counsel, managing high-volume commercial agreements, regulatory compliance, and contract operations to drive business growth.
Experienced audit professional needed to manage IT and business process audits at Fifth Third Bank, leading small teams to assess controls, report findings and support risk remediation.
EIP seeks a detail-oriented Legal Analyst based in New York to support contract drafting, legal intake, compliance, and cross-functional legal matters for the General Counsel’s office.
Lead CGS's eDiscovery lab operations as the Senior ALS Lab Manager, overseeing data processing, QC, client communications, and a team of eDiscovery professionals to ensure compliant and timely ESI productions.
Work closely with Jerry.ai's General Counsel to perform bilingual Mandarin/English legal research, contract review, and compliance support for a fast-growing AI-powered company.
Moog is hiring a remote Contracts Administrator in the Blacksburg, VA region to negotiate, review, and manage government and commercial contracts for its Space and Defense sector.
Lead North American trade compliance and consulting for Maersk's growing customs brokerage division, providing technical expertise, client advisory services, and team leadership.
Lead Freshworks' global IT audit and SOX program, driving technology-enabled audit strategies and partnering with executives to strengthen IT governance and risk controls.
Lead Oura’s global product secrecy program to protect confidential designs, prototypes, and pre-release assets while enabling safe, scalable innovation.
AssistRx is hiring a Compliance Specialist to support regulatory compliance, document control, risk assessment, and privacy incident management in a fast-paced healthcare environment.
Experienced trademark attorney needed to lead global trademark prosecution, enforcement and brand protection for AbbVie’s pharmaceutical and aesthetics brands from our Irvine, CA office in a hybrid role.
Fort Loudoun Medical Center seeks a Senior Risk Manager to lead facility risk, claims, and patient-safety programs while partnering with clinical teams and legal counsel to minimize loss and improve care.
AbbVie is hiring an experienced Corporate Counsel to lead international legal strategy on market access, pricing, promotion and related healthcare compliance matters across its pharmaceutical brands.
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
