Sentinel Blue is hiring a Lead CMMC Assessor (LCCA) for our Radar team. This role leads formal CMMC Level 2 assessments for organizations in the defense industrial base pursuing certification. This role sits within Radar, our C3PAO assessment and compliance practice, and operates independently from Sentinel Blue's managed services delivery lines to preserve assessment integrity and objectivity.
This is not a delivery or remediation role. You will be planning and leading formal assessments, evaluating evidence against NIST SP 800-171 practices, managing assessment teams, and producing defensible findings that clients and the Cyber-AB can rely on.
This is a full-time position that is fully remote.
This position may require access to technology, technical data, or information that is subject to U.S. export control laws and regulations. Employment in this position is contingent upon either verification of U.S. person status as defined under applicable export control regulations (which includes U.S. citizens, lawful permanent residents, and certain protected individuals such as refugees and asylees) or the ability to obtain any required export authorization. The company reserves the right not to apply for an export license and to decline to proceed with any applicant on that basis. All qualified applicants will receive consideration for employment without regard to citizenship status, national origin, or immigration status.
A day in the Lead CCA role:
You'll start the day meeting with your assessment team to review assigned practices and check their notes for completeness, accuracy, and consistency. You're also mentoring junior assessors, coaching them on how to ensure the environment is assessed and documented appropriately. From there, you're reviewing client documentation in preparation for both Phase 1 and Phase 2 activities.
You'll also lead calls with the client to confirm assessment scope, walk them through findings as they emerge, and verify that required evidence is accurate and relevant. At the close of the assessment, it's the Lead CCA who makes the final call on outcomes — determining whether each practice is scored MET or NOT MET, and ultimately whether the organization achieves certification.
Responsibilities:
- Lead and conduct formal CMMC Level 2 assessments in accordance with the CMMC Assessment Process (CAP) and Cyber-AB requirements.
- Plan assessment scope, review System Security Plans (SSPs) and Plans of Action & Milestones (POA&Ms), and evaluate evidence against NIST SP 800-171 practices.
- Manage and mentor assessment team members, including junior assessors and CCPs, throughout the assessment lifecycle.
- Serve as the primary point of contact for client organizations during assessments, including kickoff, evidence review sessions, and closing briefings.
- Produce clear, defensible assessment reports and findings documentation for submission to the Cyber-AB.
- Maintain assessment records in accordance with confidentiality and data handling requirements, ensuring no CUI or export-controlled data is mishandled during the assessment process.
- Stay current on CMMC program updates, Cyber-AB guidance, and changes to NIST SP 800-171/800-172.
- Support Radar's internal quality assurance processes to ensure assessments meet Cyber-AB and DoD standards.
- Maintain clear separation between assessment activity and any Sentinel Blue managed services delivery to preserve independence and avoid conflicts of interest.
What We Can Offer:
Sentinel Blue is a young company with a focused mission: We're bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we're pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we're always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference in the defense industrial base.
Requirements:
- Lead Certified CMMC Assessor (LCCA) credential in good standing with the Cyber-AB with approved Tier III clearance.
- Prior experience as a CMMC Assessor, consultant or IT Auditor.
- Strong working knowledge of NIST SP 800-171, NIST SP 800-172, and the CMMC Assessment Process (CAP).
- Experience evaluating SSPs, POA&Ms, and technical evidence across IT environments, including cloud environments.
- Excellent written communication skills — assessment findings must be precise and defensible.
- Ability to work independently and manage multiple concurrent assessment engagements.
- Eligible to work with defense industrial base clients; U.S. citizenship may be required depending on client contract terms.
Desired Qualifications:
- Hands-on assessment experience in Microsoft GCC High or Azure Government environments.
- Familiarity with DFARS 252.204-7012, DFARS 7019/7020, and broader DIB compliance requirements.
- Prior experience leading or supervising assessment teams.
- Additional certifications (CISSP, CISA, Lead CCA).
- Bachelor's or Master's degree in Cybersecurity, Information Systems, Computer Science, or a related field.
Benefits:
- Fully paid individual healthcare, vision and dental insurance for the employee.
- Paid certification and training opportunities.
- Three weeks of paid vacation + 10 paid holidays.
- A supportive environment with a focus on keeping healthy work-life balance.
- Retirement benefit (401k) with company match.
Skills Required
- Lead Certified CMMC Assessor (LCCA) credential in good standing with the Cyber-AB with approved Tier III clearance
- Prior experience as a CMMC Assessor, consultant, or IT Auditor
- Strong working knowledge of NIST SP 800-171, NIST SP 800-172, and the CMMC Assessment Process (CAP)
- Experience evaluating System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and technical evidence across IT and cloud environments
- Excellent written communication skills for producing precise, defensible assessment findings
- Ability to work independently and manage multiple concurrent assessment engagements
- Eligible to work with defense industrial base clients; U.S. citizenship may be required depending on client contract terms
- Hands-on assessment experience in Microsoft GCC High or Azure Government environments
- Familiarity with DFARS 252.204-7012, DFARS 7019/7020, and broader DIB compliance requirements
- Prior experience leading or supervising assessment teams
- Additional certifications (CISSP, CISA, Lead CCA)
- Bachelor's or Master's degree in Cybersecurity, Information Systems, Computer Science, or related field
What We Do
Sentinel Blue is a managed security service provider (MSSP) that offers comprehensive cybersecurity, compliance, and cloud solutions tailored to defense contractors and small to medium-sized businesses.







