Certified CMMC Professional (CCP)

Описание вакансии

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.

We’re not your traditional audit firm — we’re tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

Position Summary

We are seeking a knowledgeable and motivated Certified CMMC Professional (CCP) to support the delivery of CMMC readiness and advisory services for clients in the Defense Industrial Base (DIB). The CCP will work directly with organizations seeking to meet CMMC 2.0 and NIST SP 800-171 compliance requirements.

This role serves as a trusted advisor, assisting clients with documentation, gap assessments, remediation planning, and readiness activities in preparation for formal CMMC assessments conducted by Certified Third-Party Assessment Organizations (C3PAOs).

Key Responsibilities

• Conduct CMMC readiness assessments and gap analyses against CMMC 2.0 practices and NIST SP 800-171 requirements.
• Assist in developing and reviewing key compliance documents such as System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
• Support clients in implementing cybersecurity controls and processes aligned with CMMC 2.0 Levels 1 and 2.
• Collaborate with IT, security, and compliance teams to identify risks and track remediation efforts.
• Provide expert guidance and interpretation of CMMC requirements, helping organizations understand their obligations under DFARS 252.204-7012/7019/7020.
• Prepare clients for official CMMC assessments by reviewing evidence, policies, and technical configurations.
• Stay current with updates from The Cyber AB, DoD, and NIST related to the CMMC 2.0 program.
• Communicate findings and recommendations clearly through reports, presentations, and client meetings.
• Work closely with Certified CMMC Assessors (CCAs) or C3PAO partners to align client readiness efforts with official assessment standards.

Required Qualifications

• Active Certified CMMC Professional (CCP) credential issued by The Cyber AB.
• U.S. Citizenship (required for DoD and DIB-related engagements).
• 3–5+ years of experience in cybersecurity, compliance, risk management, or audit.
• Strong understanding of CMMC 2.0, NIST SP 800-171, and related DoD cybersecurity regulations.
• Experience performing gap analyses, security documentation reviews, and compliance consulting.
• Excellent communication and analytical skills with the ability to explain technical concepts to non-technical audiences.
• Ability to work independently and manage multiple client engagements in a fast-paced environment.

Preferred Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field (or equivalent experience).
• Additional certifications such as Security+, CISSP, CISA, or CAP.
• Experience supporting defense contractors or working in environments handling Controlled Unclassified Information (CUI).
• Familiarity with Microsoft GCC High, AWS GovCloud, or other compliant cloud environments.
• Prior experience working with or for a Certified Third-Party Assessment Organization (C3PAO).

BENEFITS

Flexible Paid Time Off and paid Holidays 

Quarterly Performance Bonuses

100% Remote

Competitive salary and benefits package.

Opportunities for professional growth and development.

Collaborative and innovative work environment.

Insight Assurance is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Privacy Notice CCPA:

• Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
• Insight Assurance does not sell personal data/information under any circumstances.
• You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 129, Tampa, FL 33602

Privacy Notice GDPR:

This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.

We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.

When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.

We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.

The categories of Personal Data under Processing consist of:

• Identification
• Contact
• Education and Professional
• Interview performance
• Evaluation

You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:

• *Right of Access*– meaning getting information about the Personal Data under Processing by us, except for the information you already know;
• *Right of Erasure*– you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
• *Right of Opposition or Restriction of Processing*– you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
• *Rectification*– you can rectify your Personal Data at anytime