Apply on Employer Site

Microchip Technology Inc. · 2 hours ago

Principal Analyst- IT Cyber Security (CMMC)

Chandler, AZ

Full-time

Onsite

Senior Level, Lead/Staff

$75K/yr - $232K/yr

10+ years exp

Microchip Technology Inc. is a global organization that designs technology powering the world. They are seeking a Principal CMMC Analyst to lead enterprise-wide compliance initiatives and strengthen the organization’s cybersecurity posture.

AutomotiveManufacturingSemiconductorWireless

Work & Life Balance

No H1B

U.S. Citizen Only

Responsibilities

Support and help guide activities related to CMMC compliance and overall certification strategy

Assist in the management, implementation, and validation of security controls in compliance with CMMC, NIST SP 800-171, and/or DFARS requirements

Provide expert guidance and authoritative input on CMMC, NIST SP 800-171, DFARS, and related DoD cybersecurity requirements

Oversee the development and maintenance of System Security Plans (SSPs), POA&Ms, policies, procedures, and security control documentation

Conduct and oversee CMMC readiness assessments, gap analysis, and internal/external audits

Coordinate with internal stakeholders to remediate identified gaps

Partner with IT, Cybersecurity, Legal, and Engineering teams to ensure compliance across systems handling CUI

Advise leadership on risk posture, compliance status, and remediation priorities

Support customer and government inquiries related to cybersecurity compliance

Serve as the primary liaison with external auditors, consultants, and CMMC Third-Party Assessment Organizations (C3PAOs)

Provide technical leadership and mentorship across the enterprise

Develop internal training and guidance on CUI handling and CMMC requirements

Promote a culture of security awareness aligned with Microchip’s guiding values

Qualification

CMMC complianceNIST SP 800-171DFARS complianceCybersecurity assessmentsGRC experienceRisk analysisExecutive communicationTraining developmentComplex regulatory interpretationTechnical leadershipMentorshipDocumentation skillsCommunication skillsCollaboration

Required

Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field

10+ years of cybersecurity, GRC, or compliance experience

5+ years working directly with compliance frameworks (NIST SP 800-171) and DoD compliance programs

Hands-on experience applying CMMC and NIST frameworks to assess, implement, and govern cybersecurity controls across complex environments

Experience authoring, reviewing, and governing enterprise-level compliance documentation, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other various support documentation

Comprehensive knowledge of the CMMC framework and NIST SP 800-171, including assessment methodology and security control implementation

Experience leading enterprise-level cybersecurity assessments or compliance programs

Strong risk analysis, documentation, and executive communication skills

Preferred

Master's degree in Cybersecurity, Information Systems, Computer Science, or related field

CISSP, CISM, CRISC, or similar advanced certification

Demonstrated knowledge and experience with DoD regulations and information security frameworks (CMMC, NIST, DFARS)

Ability to interpret complex regulatory and compliance requirements and exercise professional judgment in validating control implementation and supporting evidence

Ability to clearly convey complex technical and compliance concepts to both technical and non-technical audiences