Certified CMMC Professional

Certified CMMC Professional Duties and ResponsibilitiesThe Certified CMMC Professional (CCP) supports both CMMC readiness engagements and formal assessment activities by evaluating an organization's cybersecurity practices against CMMC requirements. This role contributes to control implementation validation, documentation analysis, and assessment execution, while ensuring alignment with the CMMC Assessment Process (CAP).Readiness & Advisory Support

• Support organizationsin preparing for CMMC Level 1 and Level 2 certification
• Perform gap assessments against:
• CMMC requirements

NIST SP 800-171

controls

• Assistin the development and refinement of:
• System Security Plans (SSPs)
• POA&Ms
• Policies and procedures
• Helpidentifyand remediate control deficiencies prior to formal assessment
• Provide guidance on:
• Control implementation expectations
• Evidence requirements
• Certification boundary considerations Minimum Experience 3-5 years of experience in:
• Cybersecurity
• IT audit or compliance
• Governance, Risk, and Compliance (GRC)
• Information systems or IT operations Working knowledge of:
• CMMC Level 1 and Level 2 requirements

NIST SP 800-171

• CMMC Assessment Process (CAP)
• FedRAMP
• SOC 2 Required Skills
• Experience supporting:
• Security assessments or audits
• Compliance frameworks (e.

g., Fed

RAMP, SOC 2, ISO 27001

)

• Familiarity with DoD contractor environments and Controlled Unclassified Information (CUI)
• Analytical thinking and attention to detail
• Ability to interpret control requirements and supporting evidence
• Strong written and verbal communication skills
• Ability tooperatein both advisory and assessment roles with discipline Considerations
• Must avoid conflicts of interestin accordance withapplicable CMMC ecosystem expectations