Senior Manager Audit and Compliance

MIT Lincoln Laboratory•Lexington, MA

1d•$138,600 - $183,600•Hybrid

About The Position

The Security Department’s overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies. We foster a culture where security professionals are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Department encourages flexible schedules and hybrid remote work arrangements. MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security. Mission - The Security Department’s (SD) overall mission is to enable research and development while keeping the Lincoln Laboratory community safe and secure through the protection of information, network, facilities and personnel. Culture – We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds.

Requirements

Bachelor’s degree in Security Management, Cybersecurity, Information Assurance, Business Administration, Criminal Justice, or a related field, or equivalent combination of education and experience.
Minimum of 10 years of experience in industrial security, compliance, audit, inspection, or risk management within a cleared defense, intelligence, federal research, or government contractor environment.
Minimum of 7 years of leadership experience managing professional staff and complex security programs.
Demonstrated success leading enterprise-level audit, compliance, inspection, or assessment programs and supporting government inspections.
Strong knowledge of NISPOM 32 CFR Part 117, CUI requirements, DAAG, ICDs, DO Manuals, DoD security regulations, CMMC 2.0, NIST frameworks, risk management principles, and audit methodologies.
Exceptional communication, analytical, and leadership skills, with the ability to brief senior executives, government officials, and external auditors.
Candidates must possess one or more of the following audit, security, or compliance certifications, or be able to obtain it within 12 months of hire: Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified CMMC Assessor (CCA) ISO 19011 Lead Auditor Training Certificate
Active Top Secret security clearance with eligibility for access to compartmented programs.
Availability for occasional travel and after-hours support during security incidents or inspections.
Position may require local and overnight travel.
Subject to pre-employment and periodic background investigations.

Nice To Haves

Experience supporting FFRDC/UARCs, Department of War organizations, Intelligence Community agencies, or major defense contractors.
Experience with SAP, SCI, and compartmented security programs.
Experience managing DCSA Security Vulnerability Assessments and other government oversight activities.
Experience implementing governance, risk, and compliance (GRC) tools and leading enterprise continuous improvement initiatives.
Professional certifications such as CISA, CISSP, CISM, CompTIA Security+, CRISC, Certified CMMC Assessor (CCA), ISO 19011 Lead Auditor, or related security and compliance credentials.

Responsibilities

Lead and manage the Laboratory’s security audit, compliance, inspection, and risk assessment programs.
Supervise a team of security auditors, compliance specialists, and risk management professionals.
Develop and implement audit methodologies, compliance monitoring processes, and risk-based assessment strategies.
Plan and oversee self-inspections, government security reviews, compliance assessments, CMMC evaluations, CORA readiness activities, privacy reviews, and corrective action validation efforts.
Prepare the organization for DCSA, Air Force, Intelligence Community, and program sponsor-led inspections and assessments.
Monitor changes to government security regulations and provide guidance to leadership on compliance requirements and associated risks.
Evaluate security controls, classified facility compliance, access control procedures, safeguarding practices, and physical security requirements.
Develop compliance metrics, dashboards, and executive reports to measure program effectiveness and identify trends.
Lead corrective and preventive action (CAPA) initiatives and continuous improvement efforts to strengthen security performance and reduce risk.
Partner with Laboratory leadership, government representatives, and oversight organizations to ensure effective remediation and long-term compliance.
Support policy development, governance initiatives, workforce training, and organizational awareness programs that promote a culture of compliance and accountability.