Apply on Employer Site

MITRE · 14 hours ago

Principal, IT Audit & Controls

McLean, VA

Full-time

Onsite

Lead/Staff

$138K/yr - $207K/yr

8+ years exp

MITRE is a not-for-profit corporation committed to tackling the nation's toughest challenges. They are seeking a Principal, IT Audit & Controls to lead and execute comprehensive IT and cybersecurity audits and risk assessments, serving as a trusted advisor to senior leadership and overseeing internal audit functions.

Cyber SecurityInformation TechnologyNon ProfitQuantum ComputingSaaS

Responsibilities

Government compliance: Ensure audits are in alignment to DFARS, NIST 800-171, FedRAMP, CMMC, or Agency Specific requirements to ensure contract integrity and regulatory adherence

Risk assessment: Conduct ongoing enterprise-wide risk assessments to identify high-risk areas across IT

Controls management: Assess the effectiveness of security controls (technical, physical, and administrative) and make recommendations for improvement

Audit execution: Lead and manage cybersecurity internal audits across federal programs, including planning, fieldwork, reporting, and follow-up

Reporting: Prepare and deliver clear, concise, and timely IT audit reports and compliance updates to management, the C-suite, and the Audit Committee

Collaboration: Partner with IT, Security Operations, Risk Management, and Compliance teams to align IT audit plan and findings with agency missions and priorities of the company and audit committee

Continuous improvement: Work with management to design and implement effective remediation plans, fostering a culture of accountability and operational excellence

Qualification

IT/Cybersecurity auditCMMC readiness assessmentsAudit/control frameworksGovernment complianceRisk assessmentControls managementCollaborationExecutive presenceManaging outsourced providersPresenting to executivesTechnical knowledgeOperational excellenceCommunication skillsRelationship-building

Required

Typically requires a minimum of 10 years of related experience with a Bachelor's degree; or 8 years and a Master's degree; or a PhD with 5 years' experience; or equivalent combination of related education and work experience

6+ years of IT/Cybersecurity audit experience, with at least 2 years in a federal contracting or government agency environment

Direct experience supporting CMMC readiness assessments or other federal cybersecurity compliance initiatives

Strong knowledge of ITGCs, ICOFR, and audit/control frameworks (COSO, COBIT, NIST, ISO)

Proven ability to present to and build trust with Audit Committees, C-suite executives, and IT leadership (CISO, CIO, etc)

Experience managing outsourced providers and coordinating with external auditors

This position requires a minimum of 4 days a week on-site

Preferred

Bachelor's degree in Information Systems, Cybersecurity, or Computer Science (Master's a Plus)

Professional certifications: CISA, CPA, CIA, CISSP, or CISM

8+ years of IT/Cybersecurity audit experience, with at least 6 years in a federal contracting or government agency environment

Strong communication, relationship-building, and executive presence

Benefits

Competitive benefits

Exceptional professional development opportunities for career growth

Company

MITRE

Glassdoor2.8

The MITRE Corporation is working to solve some of the nation’s biggest challenges in defense, cybersecurity, healthcare, homeland security, the judiciary and transportation.

Founded in 1958

Bedford, Massachusetts, USA

5001-10000 employees