CMMC Lead Auditor - 3PAO jobs in United States
cer-icon
Apply on Employer Site
company-logo

X4 Engineering · 1 day ago

CMMC Lead Auditor - 3PAO

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
money$150K/yr - $200K/yr

X4 Engineering is seeking an experienced CMMC Third-Party Assessor (3PAO Auditor) to conduct independent cybersecurity maturity assessments for U.S. Department of Defense contractors and subcontractors. The role involves performing evaluations in alignment with CMMC Level 2 and Level 3 requirements, ensuring compliance with NIST SP 800-171 and related frameworks.

Staffing & Recruiting
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote
Hiring Manager
Jorge Perez
linkedin

Responsibilities

Conduct CMMC Level 2 and Level 3 assessments in accordance with Cyber AB and DoD standards
Evaluate organizations’ cybersecurity programs for compliance with NIST SP 800-171 and CMMC practices and processes
Review and validate documentation, evidence, and technical controls
Prepare detailed, accurate assessment reports and findings
Collaborate with clients to clarify assessment scope, timelines, and expectations while maintaining strict independence and objectivity
Participate in peer reviews, quality checks, and continuous improvement of audit methodologies
Stay current on evolving CMMC, NIST, DFARS, and related federal cybersecurity compliance updates

Qualification

CMMC Certified AssessorNIST SP 800-171Federal cybersecurity auditsCISSPCISACISMISO 27001 Lead AuditorAnalytical skillsTechnical writingCommunication skills

Required

Must be employed by or affiliated with an authorized Certified Third-Party Assessor Organization (C3PAO)
Active CMMC Certified Assessor (CCA) or Certified Professional (CCP) credential, or in-progress certification with the Cyber AB
Deep understanding of NIST SP 800-171, DFARS 252.204-7012, and CMMC model documentation
Demonstrated experience performing federal cybersecurity audits or assessments (e.g., CMMC, FedRAMP, ISO 27001, or similar)
U.S. Citizenship required (due to government contracting requirements)
Ability to obtain or maintain a DoD security clearance preferred
Excellent analytical, communication, and technical writing skills

Preferred

Prior experience as a lead auditor within a C3PAO or related federal compliance program
Background in information security management, risk assessment, or DoD contractor compliance
Current certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Auditor

Benefits

Competitive salary
Benefits package
Professional development support
Flexible engagements available (project-based or hourly rate)

Company

X4 Engineering

twitter
company-logo
X4 Engineering partner with businesses across the entire engineering spectrum, from early-stage R&D to commercial enterprises to provide world-class talent solutions.
dateFounded in 2008
people-size11-50 employees
web-link
http://www.x4engineering.com

Funding

Current Stage
Early Stage
Company data provided by crunchbase