Senior Configuration Manager

Senior Configuration Manager

Requirements

• Active Top Secret/SCI (TS/SCI) with Polygraph security clearance required. Must be U.S. Citizen.
• Master’s degree with 15 to 20 years of prior relevant experience or Doctorate with 13 to 16 years of prior relevant experience. Experience may be considered in lieu of degree.

Responsibilities

• Oversee and enhance configuration management strategies for mission-critical systems that are essential to national security.
• Drive strategic initiatives, ensure compliance with rigorous standards, and collaborate with cross-functional teams to deliver innovative, secure, and efficient solutions.
• Develop and enforce a Cybersecurity Configuration Management Plan (CMP) aligned with DoD cybersecurity policies.
• Integrate CM practices with cybersecurity objectives to ensure that systems remain secure, resilient, and compliant with DoD cybersecurity frameworks.
• Identify and document cybersecurity-related Configuration Items (CIs), such as: Operating systems, firewalls, and intrusion detection/prevention systems (IDS/IPS). Critical security patches, configurations, and software baselines.
• Establish and maintain secure system baselines for hardware, software, and network configurations to mitigate vulnerabilities.
• Oversee cybersecurity-specific change management processes, ensuring all updates and modifications are reviewed for potential security impacts before implementation.
• Facilitate Patch Management: Track, test, and deploy security patches to eliminate vulnerabilities in a controlled and timely manner. Ensure compliance with DoD Vulnerability Management (e.g., DoD Cyber Hygiene Scorecard, IAVM alerts).
• Coordinate with the cybersecurity team to assess risks and test changes in isolated environments before deployment.
• Regularly assess and validate the integrity of system configurations to detect unauthorized changes or misconfigurations.
• Maintain configuration documentation for cybersecurity-critical components (e.g., firewall rulesets, encryption configurations, and network topology diagrams).
• Ensure secure storage and controlled access to sensitive documentation and system baselines, adhering to DoD information security standards.
• Identify risks associated with misconfigurations or deviations from secure baselines.
• Collaborate with cybersecurity teams to address vulnerabilities introduced by configuration changes, implementing mitigations as part of the CM process.
• Monitor and enforce compliance with DoD Cybersecurity Maturity Model Certification (CMMC) requirements.
• Automate detection of unauthorized changes using tools like SCAP-compliant scanners or SIEM solutions to ensure continuous monitoring.
• Train technical teams on cybersecurity configuration best practices, emphasizing secure baseline management and change control processes.
• Work closely with cybersecurity, network engineering, and risk management teams to ensure that CM practices support the program’s cyber defense objectives.

Preferred Qualifications

• Experience working with mission-critical or government systems, especially in regulated environments
• Expertise with configuration management tools such as ServiceNow or similar systems.
• Knowledge or IT or certifications in service management frameworks such as ITIL or DevOps.
• Project Management certifications (PMP, PRINCE2).
• Security certifications such as CompTIA Security+ or CISSP.