Cybersecurity Assessor – CMMC

Vaultes

Cybersecurity Assessor conducting security control assessments for commercial and government customers. Collaborating on all aspects of cybersecurity with client-facing responsibilities.

Posted 6/12/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $90,000 - $115,000 per yearWebsite

Tech Stack

Tools & technologies

CloudCyber Security

About the role

Key responsibilities & impact

Conduct security control assessments for commercial and government customers to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within a system boundary.
Develop, document and review System Rules of Engagement (ROE), Security Assessment Plans (SAPs) and Security Assessment Reports (SARs).
Conduct kick-off meetings, develop associated schedules and resource plans to complete the assessments.
Responsible for quality control on the assessment and associated deliverables.
Develop practical and risk-based approaches for security control implementation and vulnerability remediation.
Review and provide feedback system boundaries, common controls, the security categorization of information systems, applicable security control baseline based on system categorization.
Review cyber/system/network security body of evidence and documentation for accuracy and completeness.
Lead Post Assessment Meetings with the customer.
Provide Plan of Action and Milestones (POA&M) support to ensure mitigations are completed or the teams are working to mitigate all vulnerabilities in a timely fashion and within customer policy timelines.
Perform continuous monitoring to ensure implemented security controls remain functional throughout the lifecycle of the information system.
Perform other duties as assigned.

Requirements

What you’ll need

Must be a US Citizen
Must be able to obtain and maintain favorable suitability determination by the CyberAB
BS/BA degree in Information Technology or related Cybersecurity field
5+ years of auditing and/or assessment experience
Thorough knowledge of cloud environments (services/security)
Strong background working with NIST 800-171 and/or NIST 800-53
Must have an active CCP certification listed in the CMMC Marketplace
Must have at least the following industry certifications for CCP CompTIA Security + (Sec+)
Must have at least one of the following industry certifications for CCA: Certified Information System Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP+ CE), Security X, CompTIA Cybersecurity Analyst (CySA+), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), Mile Two Certified or Certified Information Systems Security Officer (C|CISSO)

Benefits

Comp & perks

Paid time off
Paid holidays
Work-from-home opportunities
401k with matching incentive
Competitive Medical/dental/vision benefits
Company provided life insurance
Company provided short-term disability

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security control assessmentsvulnerability remediationsecurity categorizationcontinuous monitoringcloud environmentsauditingrisk-based approachesquality controlsecurity assessment planssystem rules of engagement

Soft Skills

communicationleadershiporganizational skillsfeedback provisionmeeting facilitation

Certifications

CCP certificationCompTIA Security+Certified Information System Security Professional (CISSP)CompTIA Advanced Security Practitioner (CASP+ CE)Security XCompTIA Cybersecurity Analyst (CySA+)Certified Information Systems Auditor (CISA)Certified Information Security Manager (CISM)Certified Cloud Security Professional (CCSP)Certified Information Systems Security Officer (C|CISSO)