CMMC Assessor

CMMC Assessor (CCA Certified) - Fully Remote
Position Overview

We are seeking a highly skilled and certified Cybersecurity Maturity Model Certification (CMMC) Assessor to support assessments of organizations within the Defense Industrial Base (DIB). This role is responsible for conducting formal CMMC assessments in accordance with the standards established by the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) and the Department of Defense (DoD).

The ideal candidate is a certified CMMC Certified Assessor (CCA) with a strong understanding of CMMC and NIST SP 800-171 requirements, capable of executing end-to-end assessments in a fully remote environment.
Key Responsibilities

• Conduct CMMC Level 2 and/or Level 3 assessments in accordance with CMMC-AB and DoD requirements
• Evaluate organizational compliance with NIST SP 800-171 and CMMC practices and processes
• Perform evidence review, control validation, and gap analysis
• Document findings, assessment results, and recommendations in formal assessment reports
• Collaborate with internal and external stakeholders to coordinate assessment activities
• Maintain strict adherence to assessment integrity, independence, and confidentiality requirements
• Participate in assessment planning, scoping, and pre-assessment activities
• Provide subject matter expertise on CMMC and cybersecurity compliance best practices

Required Qualifications

• Active CMMC Certified Assessor (CCA) certification
• CMMC Certified Professional (CCP) certification
• Active Tier 3 (Secret) security clearance or higher
• Proven experience conducting CMMC or NIST SP 800-171 assessments
• Strong knowledge of:
  • CMMC 2.0 framework
  • NIST SP 800-171 / 800-172
  • Risk management and cybersecurity controls
• Experience with assessment methodologies, auditing standards, and compliance frameworks
• Excellent written and verbal communication skills, including report writing

Preferred Qualifications

• Experience working with a C3PAO (Certified Third-Party Assessment Organization)
• Familiarity with additional frameworks such as:
  • NIST SP 800-53
  • ISO 27001
  • FedRAMP
• Prior experience supporting DoD or Federal cybersecurity programs
• Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience)

Work Environment

• Fully remote position (U.S.-based candidates only)
• May require occasional travel depending on assessment requirements
• Flexible schedule aligned to assessment timelines

Why Join Us

• Opportunity to work at the forefront of DoD cybersecurity compliance initiatives
• Support mission-critical national security programs
• Collaborate with top-tier cybersecurity professionals in a growing field

#cjjobs
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").