Changing careers is challenging but CompTIA certifications can unlock new and unexpected opportunities. Just ask Jason. As a CompTIA A+, Network+, Security+, and CySA+ certified professional, Jason discovered a whole new world beyond traditional IT roles.
Jason began his IT career in the US Army and continued it after transitioning to the civilian workforce. Over the past eight years, he has held various roles, including technical support specialist, network security administrator, and security engineer, where he led a team of security professionals. In his last position, he learned about the new CMMC requirement that his company needed to maintain their DoD contracts.
When Jason began researching CMMC, he realized that his extensive skills in tech, compliance, and management were a perfect fit for this new requirement. His experience with assessing compliance for stakeholders made him a strong candidate for various CMMC roles. For instance, his expertise could be invaluable as a Registered Practitioner (RP), working with a Registered Practitioner Organization (RPO) to consult and evaluate an Organization Seeking Certification (OSC) on its cyber readiness. Jason also found that he could become a CMMC assessor, joining a team to conduct assessments for a CMMC Third-Party Assessment Organization (C3PAO).
As Jason evaluates his career options within the CMMC ecosystem, he sees multiple paths. He could become a Registered Practitioner (RP) and later a Registered Practitioner Advanced (RPA), helping organizations prepare for CMMC assessments. Alternatively, by earning certifications like CMMC Certified Professional (CCP) and CMMC Certified Assessor (CCA), he could conduct assessments himself, qualifying him to evaluate all 110 practices from NIST 800-171 under the CMMC Framework. Jason could even become an implementor and assessor, broadening his career opportunities. Regardless of his choice, the demand for qualified CMMC professionals is expected to grow, offering high salaries and a skilled workforce.
Program Information:
The Cybersecurity Assessor and Instructor Certification Organization (CAICO) is a subsidiary of The Cyber AB, a non-profit organization responsible for implementing the DoD’s CMMC program under an exclusive contract. CyberAB > Home
Understanding CMMC - The DoD CMMC Information site: Chief Information Officer > CMMC (defense.gov)
Learn more about becoming a Registered Practitioner Consulting and Implementation | Cyber-AB (cyberab.org)
Learn more about becoming an Assessor Assessing and Certification | Cyber-AB (cyberab.org)
Program Details
Program Name | Prerequisites | To Earn Designation | To Earn Certification |
Registered Partitioner (RP) | None | Pass online training and test | N/A |
Registered Partitioner Advanced (RPA) | RPA Designation | Pass online training and test | N/A |
CMMC Certified Professional (CCP) | ● College degree in a cyber or information technical field or 2+ years of related experience or education; or 2+ years of equivalent experience (including military) in a cyber, information technology, or assessment field; and ● Suggested CompTIA A+ or equivalent knowledge/experience; and ● Complete Certified CMMC Professional Class offered by a Licensed Training Provider (LTP); and ● Recommended - Pass DOD CUI Awareness Training Home (dodcui.mil) | N/A |
|
CMMC Certified Assessor (CCA) | Hold active CCP certification | N/A |
|
Lead Assessor | Hold an active CCA certification | N/A |
|
Opportunities
The Defense Industrial Base (DIB) includes Organizations Seeking Certification (OSC) or Organizations Seeking Assessments (OSA). An OSA is an organization aiming to self-assess at Level 1 or 2 of the Cybersecurity Maturity Model Certification (CMMC) program. From 2025, with the enactment of Title 48, all current and new DoD contracts will require CMMC certification. This affects tens of thousands of prime contractors, who are also beginning to require their subcontractors and service providers (MSPs, MMSPs, ESPs, CSPs) to be CMMC certified as well. As a result, there is a growing demand for individuals to help prepare for CMMC assessments, including Registered Practitioners and Assessors who will participate in assessment teams.
Job flexibility
Individuals have the option to work as both an RP and an Assessor. They can choose to work as a contractor or be employed by a Registered Practitioner Organization (RPO) or a CMMC Third-Party Assessment Organization (C3PAO). This work can be done on a full-time or part-time basis, offering flexibility to suit different needs and lifestyles.
Increased earnings
Individuals working within the CMMC ecosystem have the potential to significantly boost their annual income. Depending on their availability and skill level, they could either increase or supplement their income. We've seen assessors at the CCA and Lead CCA levels earn rates around $200+ per hour.
Not just a job, but a mission
CMMC is more than a job; it's a mission to protect our nation. By securing the Defense Industrial Base (DIB) against cyber threats and safeguarding Controlled Unclassified Information (CUI), CMMC plays a crucial role. Beyond the DIB, many non-DIB companies also adopt CMMC and NIST 800-171 standards to protect their intellectual property, reinforcing the mission's importance in the broader landscape.
CMMC is an excellent program for veterans and transitioning military personnel with active clearances who have been working in IT, particularly in cyber, and hold an active DCWF work role code 612 (Intermediate or Advanced level) qualification matrices. Upskill now to ensure you have the certification for this exciting job opportunity. This is a new career path similar to the IT certification pathway, directly linked to work roles in DoDM 8140.03.
Ready to start your journey? Register with your email to learn more about CMMC careers
