IT Compliance Auditor Sr Principal (Remote)
This job is no longer available
There are still lots of open positions. Let's find the one that's right for you.
About The Position
BAE Systems, Inc. is seeking an IT Compliance Auditor Sr Principal, focused on CMMC and internal audit efforts, to join our Audit Engagement team within the Governance and Compliance team, under the Enterprise Shared Services (ESS) IT Delivery Organization. The Audit Engagement Team delivers a centralized hub for comprehensive guidance to ensure consistent and efficient audit engagement and audit compliance operations across the enterprise. This role will merge the existing internal audit responsibilities, with specialized CMMC audit requirements, resulting in a new comprehensive integrated audit role. It involves overseeing and leading both internal audits and CMMC audit readiness efforts to ensure compliance, improve processes, and mitigate risks in line with organizational and regulatory standards. The primary purpose of this role is to develop a comprehensive, company-wide Cybersecurity Maturity Model Certification (CMMC) compliance program, ultimately leading CMMC audit preparation and execution across sector and enterprise levels. This role involves defining the approach, creating schedules, leading internal assessments, conducting control gap analysis, and tracking progress by reporting on status and trends. This role will also function as a liaison for internal audit efforts for Enterprise Shared Services. The selected candidate will work closely with program managers and systems owners to execute an internal audit and CMMC preparation strategy, improving control activities, building efficiencies, enhancing effectiveness, and ensuring consistency. A key component is building strong relationships across teams to ensure alignment to implement required changes, coordinating with external auditors for the certification process, reporting status to leadership, and ensuring ongoing compliance with controls, policies, and standards through continuous monitoring. The role is a key individual whose responsibilities directly contribute to maintaining a strong, compliant cybersecurity posture within BAE Systems Inc.
