Configuration Management Analyst
Remote - EST required
Contract through end of year - potential for extension
Rate: $45-$55/hour (W2)
We are looking for a motivated and detail-oriented Configuration Management Analyst to collaborate with our Security Architecture team in deploying and assessing defined configuration standards. The ideal candidate will play a crucial role in the continuous assessment of security baselines, detecting drift, and improving integration with our Attack Surface Management (ASM) and vulnerability management processes. Additionally, this role will involve the creation of reports and metrics on enforcement findings to support compliance and security initiatives.
Key Responsibilities:
- Collaborate closely with Security Architecture to implement and assess comprehensive configuration standards across the organization.
- Continuously evaluate security baselines to identify deviations or drift from established standards, ensuring that configurations remain compliant and secure.
- Improve integration between configuration management practices, ASM, and vulnerability management processes to enhance overall cybersecurity posture.
- Conduct regular audits and assessments of system and application configurations to ensure adherence to defined security baselines.
- Develop and maintain detailed documentation related to configuration management processes, security standards, and best practices.
- Generate and present reports detailing enforcement findings, including metrics that track compliance levels, deviations found, and remediation efforts.
- Work with cross-functional teams to promote awareness and adoption of configuration standards throughout the organization.
- Stay current with industry standards, regulations, and best practices related to configuration management and security baselines.
Knowledge and Tools:
Required:
- Strong understanding of Active Directory and Group Policy Object (GPO) configuration.
- Familiarity with CIS (Center for Internet Security) templates for establishing baseline security configurations.
Beneficial:
- Proficiency in Axonius for effective asset management and compliance tracking.
- Experience with System Center Configuration Manager (SCCM), Microsoft Intune, and Jamf for managing endpoint configurations.
- Understanding of Enterprise Architecture frameworks and methodologies.
- Knowledge of PingCastle or Semperis Toolkits for conducting directory security assessments and enhancing security measures.
Soft Skills:
- Strong Analytical & Problem-Solving Skills: Competence in assessing security configurations, identifying drift, and proposing effective solutions.
- Effective Communication & Reporting: Ability to convey technical findings and configuration compliance insights to both technical and non-technical stakeholders clearly.
- Detail-Oriented & Proactive: Diligent in monitoring configurations and implementing security best practices.
- Collaborative Attitude: Ability to work effectively with various teams to align configuration management objectives with organizational security goals.
Qualifications:
- Relevant certifications are preferred (e.g., CompTIA Security+, CISSP, CISA).
Experience:
- 2+ years of experience in configuration management, information security, or a related field with a focus on security baselines and standards enforcement.
- Demonstrated experience in developing and managing configuration reports and compliance metrics.
