THE MISSION
To help keep our nation safe by validating that organizations in the United States’ Defense Supply Chain have established required protections against industrial espionage and cybersecurity threats.
COMPANY DESCRIPTION
Peak InfoSec is a Veteran-led, Authorized Cybersecurity Maturity Model Certification (CMMC) 3rd Party Assessment Organization (C3PAO) that was established in part to help veterans find meaningful employment in civilian life.
ROLE DESCRIPTION
Peak InfoSec is seeking multiple full-time CMMC Certified Assessors (CCAs). A person filling one of these positions will conduct CMMC Certification Assessments for organizations required to meet stringent cybersecurity standards set by the United States Government. This is a client-facing role; therefore, all candidates must have a thorough understanding of the NIST SP 800-171 framework and the CMMC program, as demonstrated by having earned a CCA certification from the Cybersecurity Assessor and Instructor Organization (CAICO).
QUALIFICATIONS
- Have and maintain in good standing CMMC Certified Assessor certification from the CAICO
- Excellent problem-solving and analytical abilities
- Strong communication and interpersonal skills
- Ability to work independently and as part of a team
- Self-starter who can work independently, seek out and leverage internal resources when needed, proactively take ownership of work and career, and drive engagements to provide the value our customers expect
- Strong understanding of Information Security Assessments, IT Compliance Reporting, and Penetration Testing
- Proven experience in a role focused on IT security, risk management, or compliance.
- In-depth knowledge of the CMMC framework, NIST SP 800-171, DFARS 252.204-7012 and other Department of Defense (DoD) regulations.
- Skills in deploying, tuning, and optimizing security products and infrastructures
- Other relevant certifications such as CISSP, CISA, CISM, or similar preferred
- Experience working with veteran-owned businesses or in the veteran community is a plus
SPECIFIC JOB RESPONSIBILITIES
- Certification Assessments
  - Conduct comprehensive assessments of Defense Supply Chain organizational networks and systems to confirm they meet the CMMC requirements.
  - Interview client Subject Matter Experts for different fields of the organization, including technical areas as well as Human Resources, SecDevOps, SOC/NOC, and Internal Compliance.
  - Perform assessments of client on-premises, cloud, and hybrid environments.
  - Review client system security and technical configurations as they pertain to NIST SP 800-171 control requirements and CMMC scoping considerations.
  - Analyze client technical documentation such as System Security Plans (SSPs), policies, procedures, and other evidence.
  - Document assessment findings, develop scoring rationales, and draft formal deliverables.
  - Conduct Quality Assurance of other CMMC Certification Assessment Teams’ activities and work products.
- General
  - Keep abreast of the latest cybersecurity threats and trends, as well as updates to the CMMC framework.
  - Achieve utilization targets, complete projects on time and budget, and meet quality standards.
  - Efficiently and effectively deliver customer engagements while achieving a high, and continuously improving, level of customer satisfaction.
  - Successfully manage projects, meet deadlines, and achieve high levels of quality based on standards.
  - Execute project planning, scheduling, and other coordination of internal and customer resources to conduct interviews, meetings, and presentations.
  - Prepare and deliver presentations to customers and internal stakeholders.
  - Create, review, and edit findings, observations, and other reports.
COMPENSATION & BENEFITS
- Competitive Base Salary + Performance-based Bonuses
- Participation in Company’s Medical (HRA) and 401(K) benefit programs.
- Paid vacations
More Details
Base salary is part of our total rewards package which also includes the opportunity for merit-based salary increases, eligibility for our benefits and leaves provided in line with your work state. Our robust time-off policy includes paid time off and paid holidays. Total compensation, including base salary to be offered, will depend on elements unique to each candidate, including applicable candidate experience, skills, education, and other factors permitted by law.
Mental/Physical Requirements: Selected persons will work in a fast-paced environment handling multiple demands. Must be able to exercise appropriate judgment as necessary. Requires a high level of initiative and independence. Excellent written and oral communication skills required. Requires the ability to use a personal computer for extended periods of time.
Equal Opportunity: Peak InfoSec is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law.
Peak InfoSec is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. Please inform Peak InfoSec’s Recruiting team if you need any assistance completing any forms or otherwise participating in the application process.
E-Verify: This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.
If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact the Department of Homeland Security (DHS) or the Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment.
Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9.
For more information on E-Verify, or if you believe that your employer has violated its E-Verify responsibilities, please contact DHS at 888-897-7781.
Disclaimer: The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of anyone filling the role. At Peak InfoSec, we operate, and care for each other, as a team. This includes providing support to each other as needed. Therefore, everyone working for our company may be asked or required to perform duties outside of their normal responsibilities from time to time, as needed.