Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us.
MITRE’s Electronic Systems Security department is seeking a Cybersecurity Compliance Intern with foundational CMMC experience to support our compliance program and help stand up/maintain a secure, consistent Long-Term Support (LTS) environment for endpoints and servers. This internship is ideal for a student who has hands-on exposure to CMMC/NIST 800-171 concepts and wants real-world experience implementing controls, documenting evidence, and improving system configuration and patching practices.
Roles & Responsibilities:
- Assist with maintaining and updating compliance documentation (e.g., SSP, POA&M, network/service inventories, asset inventories)
- Help collect and organize compliance evidence (screenshots, config exports, policy acknowledgements, logs) in a structured repository
- Support scoping activities: identifying in-scope systems, applications, accounts, and data flows involving CUI
- Participate in basic control implementation tasks aligned to NIST 800-171/CMMC Level 2 (e.g., access control, audit/logging, configuration management)
- Assist with configuring patching and update workflows consistent with an LTS approach (e.g., update rings, maintenance windows, rollback planning)
- Help implement and validate hardening baselines (e.g., CIS-aligned settings where applicable), local firewall rules, and least-privilege configuration
Basic Qualifications:
- Currently enrolled in (or recently completed) a cybersecurity program or related field
- Familiarity with CMMC concepts and/or NIST SP 800-171 (coursework, labs, internship, or prior job exposure)
- Basic competency with Windows administration and/or Linux fundamentals (accounts, services, permissions, logs)
- Comfort using command-line tools and troubleshooting (PowerShell and/or Bash)
- Strong documentation habits: can write clear steps, capture evidence, and keep organized records
- Ability to handle sensitive information appropriately and follow security procedures
- Basic understanding of networking (ports, protocols, SSH tunneling, segmentation)
- Effective oral and written communication skills
Preferred Qualifications:
- Exposure to any of: SSP/POA&M work, evidence collection, asset inventories, or audit prep
- Familiarity with endpoint management/patching tools (e.g., Intune, WSUS, SCCM, JAMF, apt/yum/dnf workflows)
- Familiarity with hardening guidance (CIS Benchmarks, STIG concepts) and basic firewall configuration
- Experience with Git, ticketing systems (Jira/ServiceNow), or documentation tools (Confluence/SharePoint)
This requisition requires the candidate to have a minimum of the following clearance(s):
Not Applicable
This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):
Not Applicable
Salary compensation range and midpoint:
$54,500 - $68,000 - $81,500 Annual
Work Location Type:
Hybrid
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local or international law.
MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org for general support and collegerecruiting@mitre.org for intern positions. This service is for individuals requiring reasonable accommodation requests. Please note that vendor solicitations will not receive a reply.
Benefits information may be found here.
Copyright © 1997-2026, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
