Engineering Lab CMMC Intern

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do.

The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership.

If this sounds like the choice you want to make, then choose MITRE - and make a difference with us.

MITRE's Electronic Systems Security department is seeking a Cybersecurity Compliance Intern with foundational CMMC experience to support our compliance program and help stand up/maintain a secure, consistent Long-Term Support (LTS) environment for endpoints and servers. This internship is ideal for a student who has hands-on exposure to CMMC/NIST 800-171 concepts and wants real-world experience implementing controls, documenting evidence, and improving system configuration and patching practices.

Roles & Responsibilities :

* Assist with maintaining and updating compliance documentation (e.g., SSP, POA&M, network/service inventories, asset inventories)

* Help collect and organize compliance evidence (screenshots, config exports, policy acknowledgements, logs) in a structured repository

* Support scoping activities: identifying in-scope systems, applications, accounts, and data flows involving CUI

* Participate in basic control implementation tasks aligned to NIST 800-171/CMMC Level 2 (e.g., access control, audit/logging, configuration management)

* Assist with configuring patching and update workflows consistent with an LTS approach (e.g., update rings, maintenance windows, rollback planning)

* Help implement and validate hardening baselines (e.g., CIS-aligned settings where applicable), local firewall rules, and least-privilege configuration

Basic Qualifications:

* Currently enrolled in (or recently completed) a cybersecurity program or related field

* Familiarity with CMMC concepts and/or NIST SP 800-171 (coursework, labs, internship, or prior job exposure)

* Basic competency with Windows administration and/or Linux fundamentals (accounts, services, permissions, logs)

* Comfort using command-line tools and troubleshooting (Power Shell and/or Bash)

* Strong documentation habits: can write clear steps, capture evidence, and keep organized records

* Ability to handle sensitive information appropriately and follow security procedures

* Basic understanding of networking (ports, protocols, SSH tunneling, segmentation)

* Effective oral and written communication skills

Preferred Qualifications:

* Exposure to any of: SSP/POA&M work, evidence collection, asset inventories, or audit prep

* Familiarity with endpoint management/patching tools (e.g., Intune, WSUS, SCCM, JAMF, apt/yum/dnf workflows)

* Familiarity with hardening guidance (CIS Benchmarks, STIG concepts) and basic firewall configuration

* Experience with Git, ticketing systems (Jira/Service Now), or documentation tools (Confluence/SharePoint)

This requisition requires the candidate to have a minimum of the following clearance(s):

Not Applicable

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Not Applicable

Salary compensation range and midpoint:

$54,500 - $68,000 - $81,500 Annual

Work Location Type:

Hybrid

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local or international law.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please email recruiting help for general support and college recruiting for intern positions. This service is for individuals requiring reasonable accommodation requests. Please note that vendor solicitations will not receive a reply.

Benefits information may be found here.

Copyright , The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE…