Senior Manager Audit and Compliance

The Security Department’s overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

We foster a culture where security professionals are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Department encourages flexible schedules and hybrid remote work arrangements.

Who are we?

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.

• Mission - The Security Department’s (SD) overall mission is to enable research and development while keeping the Lincoln Laboratory community safe and secure through the protection of information, network, facilities and personnel.
• Culture – We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds
  
  
  

What will you do?

The Senior Security Manager, Audit & Compliance is responsible for leading the Laboratory’s independent security assurance and compliance program across unclassified, collateral, and special access environments. Reporting directly to the Chief Security Officer (CSO)/Chief Information Security Officer (CISO), this role provides objective oversight of security compliance, audit readiness, risk management, and continuous improvement efforts. The position operates independently from mission-support security functions and serves as a key advisor to executive leadership on organizational security posture, regulatory compliance, and inspection readiness.

Key Responsibilities

• Lead and manage the Laboratory’s security audit, compliance, inspection, and risk assessment programs.
• Supervise a team of security auditors, compliance specialists, and risk management professionals.
• Develop and implement audit methodologies, compliance monitoring processes, and risk-based assessment strategies.
• Plan and oversee self-inspections, government security reviews, compliance assessments, CMMC evaluations, CORA readiness activities, privacy reviews, and corrective action validation efforts.
• Prepare the organization for DCSA, Air Force, Intelligence Community, and program sponsor-led inspections and assessments.
• Monitor changes to government security regulations and provide guidance to leadership on compliance requirements and associated risks.
• Evaluate security controls, classified facility compliance, access control procedures, safeguarding practices, and physical security requirements.
• Develop compliance metrics, dashboards, and executive reports to measure program effectiveness and identify trends.
• Lead corrective and preventive action (CAPA) initiatives and continuous improvement efforts to strengthen security performance and reduce risk.
• Partner with Laboratory leadership, government representatives, and oversight organizations to ensure effective remediation and long-term compliance.
• Support policy development, governance initiatives, workforce training, and organizational awareness programs that promote a culture of compliance and accountability.
  
  
  

What you need/Requirements:

For this position, you must meet these basic requirements: Bachelor’s degree in Security Management, Cybersecurity, Information Assurance, Business Administration, Criminal Justice, or a related field, or equivalent combination of education and experience.

• Minimum of 10 years of experience in industrial security, compliance, audit, inspection, or risk management within a cleared defense, intelligence, federal research, or government contractor environment.
• Minimum of 7 years of leadership experience managing professional staff and complex security programs.
• Demonstrated success leading enterprise-level audit, compliance, inspection, or assessment programs and supporting government inspections.
• Strong knowledge of NISPOM 32 CFR Part 117, CUI requirements, DAAG, ICDs, DO Manuals, DoD security regulations, CMMC 2.0, NIST frameworks, risk management principles, and audit methodologies.
• Exceptional communication, analytical, and leadership skills, with the ability to brief senior executives, government officials, and external auditors.
• Candidates must possess one or more of the following audit, security, or compliance certifications, or be able to obtain it within 12 months of hire: Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified CMMC Assessor (CCA) ISO 19011 Lead Auditor Training Certificate
• Active Top Secret security clearance with eligibility for access to compartmented programs.
• Availability for occasional travel and after-hours support during security incidents or inspections.
• Position may require local and overnight travel.
• Subject to pre-employment and periodic background investigations.
  
  
  

Ideally, you will have:

• Experience supporting FFRDC/UARCs, Department of War organizations, Intelligence Community agencies, or major defense contractors.
• Experience with SAP, SCI, and compartmented security programs.
• Experience managing DCSA Security Vulnerability Assessments and other government oversight activities.
• Experience implementing governance, risk, and compliance (GRC) tools and leading enterprise continuous improvement initiatives.
• Professional certifications such as CISA, CISSP, CISM, CompTIA Security , CRISC, Certified CMMC Assessor (CCA), ISO 19011 Lead Auditor, or related security and compliance credentials.
  
  
  

Hiring Range: $138,600 - $183,600

Disclaimer: MIT Lincoln Laboratory provides a typical hiring range as a good faith estimate of what we reasonably expect to offer for this position at the time of posting. The final salary offered to a selected candidate will depend on various factors, including—but not limited to—the scope and responsibilities of the role, the candidate’s experience, skills and education/training, internal equity considerations and applicable legal requirements. This range reflects base salary only and does not include additional forms of compensation or benefits.

At MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance. Benefits offered to employees include:

• Comprehensive health, dental, and vision plans
• MIT-funded pension
• Matching 401K
• Paid leave (including vacation, sick, parental, military, etc.)
• Tuition reimbursement and continuing education programs
• Mentorship programs
• A range of work-life balance options
• ... and much more!
  
  
  

Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage of other voluntary benefits, discounts and perks .

Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.

Requisition ID: 43108