Principal Analyst- IT Cyber Security; CMMC

Position: Principal Analyst- IT Cyber Security (CMMC)
People come to work at Microchip because we help design the technology that runs the world. They stay because our culture supports their growth and stability. They are challenged and driven by an incredible array of products and solutions with unlimited career potential. Microchip’s nationally-recognized Leadership Passage Programs support career growth where we proudly enroll over a thousand people annually.

We take pride in our commitment to employee development, values-based decision making, and strong sense of community, driven by our ; we affectionately refer to it as the
* Aggregate System
* and it’s won us countless awards for diversity and workplace excellence.

Our company is built by dedicated team players who love to challenge the status quo; we did not achieve record revenue and over  without a great team dedicated to empowering innovation. People like you.

Visit our  page to see what exciting opportunities and company  await!
*
* Job Description:

** We are seeking an experienced, highly skilled Principal CMMC Analyst to join our security team and lead enterprise-wide compliance initiatives. This role delivers strategic leadership, technical expertise, and authoritative regulatory interpretation to ensure adherence to CMMC requirements, NIST SP 800-171, DFARS, and other applicable federal cybersecurity standards.

The Principal CMMC Analyst works in close collaboration with management, engineering teams, and internal and external stakeholders to evaluate cybersecurity maturity, identify and mitigate risk, and build scalable, sustainable compliance programs. This position is instrumental in strengthening the organization’s cybersecurity posture and ensuring full readiness for formal CMMC assessments in support of mission-critical programs.
** Responsibilities
* ** Support and help guide activities related to CMMC compliance and overall certification strategy
* Assist in the management, implementation, and validation of security controls in compliance with CMMC, NIST SP 800-171, and/or DFARS requirements
* Provide expert guidance and authoritative input on CMMC, NIST SP 800-171, DFARS, and related DoD cybersecurity requirements
* Oversee the development and maintenance of System Security Plans (SSPs), POA&Ms, policies, procedures, and security control documentation
* Conduct and oversee CMMC readiness assessments, gap analysis, and internal/external audits
* Coordinate with internal stakeholders to remediate identified gaps
* Partner with IT, Cybersecurity, Legal, and Engineering teams to ensure compliance across systems handling CUI
* Advise leadership on risk posture, compliance status, and remediation priorities
* Support customer and government inquiries related to cybersecurity compliance
* Serve as the primary liaison with external auditors, consultants, and CMMC Third-Party Assessment Organizations (C3

PAOs)
* Provide technical leadership and mentorship across the enterprise
* Develop internal training and guidance on CUI handling and CMMC requirements
* Promote a culture of security awareness aligned with Microchip’s guiding values
** Requirements/

Qualifications:

*** Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field
* 10+ years of cybersecurity, GRC, or compliance experience
* 5+ years working directly with compliance frameworks (NIST SP 800-171) and DoD compliance programs
* Hands-on experience applying CMMC and NIST frameworks to assess, implement, and govern cybersecurity controls across complex environments.
* Experience authoring, reviewing, and governing enterprise-level compliance documentation, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other various support documentation
* Comprehensive knowledge of the CMMC framework and NIST SP 800-171, including assessment methodology and security control implementation
* Experience leading enterprise-level cybersecurity assessments or compliance programs
* Strong risk analysis, documentation, and executive communication skills
** Preferred Qualifications
*** Master’s degree in Cybersecurity, Information Systems, Computer Science, or related field
* CISSP, CISM, CRISC, or…