Principal Analyst- IT Cyber Security (CMMC)

Are you looking for a unique opportunity to be a part of something great? Want to join a 17,000-member team that works on the technology that powers the world around us? Looking for an atmosphere of trust, empowerment, respect, diversity, and communication? How about an opportunity to own a piece of a multi-billion dollar (with a B!) global organization? We offer all that and more at Microchip Technology Inc.

People come to work at Microchip because we help design the technology that runs the world. They stay because our culture supports their growth and stability. They are challenged and driven by an incredible array of products and solutions with unlimited career potential. Microchip's nationally-recognized Leadership Passage Programs support career growth where we proudly enroll over a thousand people annually. We take pride in our commitment to employee development, values-based decision making, and strong sense of community, driven by our Vision, Mission, and 11 Guiding Values; we affectionately refer to it as the Aggregate System and it's won us countless awards for diversity and workplace excellence.

Our company is built by dedicated team players who love to challenge the status quo; we did not achieve record revenue and over 30 years of quarterly profitability without a great team dedicated to empowering innovation. People like you.

Visit our careers page to see what exciting opportunities and company perks await!

Job Description:

We are seeking an experienced, highly skilled Principal CMMC Analyst to join our security team and lead enterprise-wide compliance initiatives. This role delivers strategic leadership, technical expertise, and authoritative regulatory interpretation to ensure adherence to CMMC requirements, NIST SP 800-171, DFARS, and other applicable federal cybersecurity standards.

The Principal CMMC Analyst works in close collaboration with management, engineering teams, and internal and external stakeholders to evaluate cybersecurity maturity, identify and mitigate risk, and build scalable, sustainable compliance programs. This position is instrumental in strengthening the organization's cybersecurity posture and ensuring full readiness for formal CMMC assessments in support of mission-critical programs.

Responsibilities

• Support and help guide activities related to CMMC compliance and overall certification strategy

• Assist in the management, implementation, and validation of security controls in compliance with CMMC, NIST SP 800-171, and/or DFARS requirements

• Provide expert guidance and authoritative input on CMMC, NIST SP 800-171, DFARS, and related DoD cybersecurity requirements

• Oversee the development and maintenance of System Security Plans (SSPs), POA&Ms, policies, procedures, and security control documentation

• Conduct and oversee CMMC readiness assessments, gap analysis, and internal/external audits

• Coordinate with internal stakeholders to remediate identified gaps

• Partner with IT, Cybersecurity, Legal, and Engineering teams to ensure compliance across systems handling CUI

• Advise leadership on risk posture, compliance status, and remediation priorities

• Support customer and government inquiries related to cybersecurity compliance

• Serve as the primary liaison with external auditors, consultants, and CMMC Third-Party Assessment Organizations (C3PAOs)

• Provide technical leadership and mentorship across the enterprise

• Develop internal training and guidance on CUI handling and CMMC requirements

• Promote a culture of security awareness aligned with Microchip's guiding values

Requirements/Qualifications:

• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field

• 10+ years of cybersecurity, GRC, or compliance experience

• 5+ years working directly with compliance frameworks (NIST SP 800-171) and DoD compliance programs

• Hands-on experience applying CMMC and NIST frameworks to assess, implement, and govern cybersecurity controls across complex environments.

• Experience authoring, reviewing, and governing enterprise-level compliance documentation, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other various support documentation

• Comprehensive knowledge of the CMMC framework and NIST SP 800-171, including assessment methodology and security control implementation

• Experience leading enterprise-level cybersecurity assessments or compliance programs

• Strong risk analysis, documentation, and executive communication skills

Preferred Qualifications

• Master's degree in Cybersecurity, Information Systems, Computer Science, or related field

• CISSP, CISM, CRISC, or similar advanced certification

• Demonstrated knowledge and experience with DoD regulations and information security frameworks (CMMC, NIST, DFARS)

• Ability to interpret complex regulatory and compliance requirements and exercise professional judgment in validating control implementation and supporting evidence

• Ability to clearly convey complex technical and compliance concepts to both technical and non-technical audiences.

Travel Time:

Physical Attributes:

Physical Requirements:

Pay Range:

Benefits of working at Microchip

Microchip Technology Inc is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

For more information on applicable equal employment regulations, please refer to the Know Your Rights: Workplace Discrimination is Illegal Poster.

To all recruitment agencies: Microchip Technology Inc. does not accept unsolicited agency resumes. Please do not forward resumes to our recruiting team or other Microchip employees. Microchip is not responsible for any fees related to unsolicited resumes.