ITSecuritySpecialist–Mid-SecCMSpecialist

**_Job Family_ :** IT Cyber Security ** _Travel Required_ :** Up to 10% **_Clearance Required_ :** Active Secret ** _What You Will Do_ :** Guidehouse is looking for an experienced professional with experience in building, managing, and controlling the secure configurations of information systems for federal organizations. Your duties will include managing and controlling secure configurations of over 200 information systems for a federal client with a critical and high-profile mission in accordance with NIST 800-128 guidance and applicable federal and organizational policies to enable security and facilitate the management of risk. You will use Security-Focused Configuration Management (SecCM) to build on the general concepts, processes, and activities of configuration management by attention on the implementation and maintenance of the established security requirements of the organization and systems. You will ensure information security configuration management requirements are integrated into (or complement) existing organizational configuration management processes (e.g., business functions, applications, products) and information systems. Additional SecCM duties and activities include: o Identification and recording of configurations that impact the security posture of the system and the organization. o The consideration of security risks in approving the initial configuration. o The analysis of security implications of changes to the system configuration. o Documentation of the approved/implemented changes. o Qualitative and quantitative research to support work assignments for meeting the deliverable objective. o Qualitative and quantitative analyses for assigned tasks. o Compilation of research, findings, and other information into written formats such as white papers, reports, presentations, and other forms of technical documentation o Participation in policy development for configuration management. o Configuration management planning and management. o Con