Secure Configuration Management SME/Technical Lead

Description

MBL Technologies, Inc. offers a diverse set of management and technology consulting services to Federal government and commercial markets. Our solutions are tailored to support each client’s mission, accounting for their unique needs and operating environments to ensure success. We bring the right people, capabilities, and expertise together to assist our clients with enabling their mission. Together our individual differences drive successful business results.

If you are transitioning from military to civilian life, have prior service, are a retired veteran, or a member of the National Guard or Reserves, or spouse of an active military service member, we encourage you to apply. Please visit our webpage for information on our policies and benefits for the military and veteran community.

Why Work with Us?

• We trust, empower, and believe in our employees to soar to their fullest potential! 
• We offer a robust benefits package (medical, dental, vision, STD, Accident, Life, Hospital Insurance, FSA, HSA, 401K match, professional development stipend, etc.).
• We love to have fun and give back to the community. Community Service and Employee Engagement events are atop our calendar events!
• We genuinely like each other and champion everyone to achieve their own greatness! 

MBL Technologies is seeking a Secure Configuration Management (SCM) Subject-Matter Expert (SME) / Technical Lead to support a federal cybersecurity mission focused on strengthening enterprise security posture through standardized configuration management. The successful candidate will serve as the technical authority and program lead for the design, development, and implementation of secure configuration baselines across diverse operating systems, cloud services, and enterprise applications. This role requires deep technical expertise, strong understanding of federal cybersecurity frameworks, and proven experience leading collaborative initiatives to ensure compliance with federal standards and directives. 

This role is mostly remote; however, it will require occasional onsite meetings in the Bethesda, MD area. With no travel reimbursements allocated. This role is contingent based on contract award.

Key Responsibilities:

• Lead the development, validation, and implementation of agency-specific secure configuration baselines in alignment with federal standards and frameworks such as: CIS Benchmarks, NIST SP 800-53 Rev.5, NIST Baseline Checklist Repository, and CISA BOD 25-01 SCuBA Secure Configuration Baselines. 
• Assess foundational standards, federal directives, and agency policies to develop tailored baselines supporting both mission and business objectives.
• Develop and maintain implementation resources such as Group Policy Objects (GPOs), BigFix fixlets, and configuration templates for Windows, macOS, and Linux operating systems, as well as enterprise platforms (e.g., Microsoft 365, AWS, Azure, GCP, web browsers, and databases).
• Ensure secure configuration standards are consistently applied across all systems and environments, including on-premises, hybrid, and cloud infrastructures.
• Utilize and manage MDM and configuration management tools such as BigFix, Intune, and Jamf for baseline deployment, automation, and deviation tracking.
• Develop and maintain technical control sets, including compliance scanning policies and automated enforcement mechanisms.
• Integrate and operate enterprise scanning tools (e.g., Tenable.SC, Nessus, SCAP) for secure configuration validation and reporting.
• Conduct continuous compliance assessments and ensure baselines are aligned with evolving federal mandates, risk management frameworks, and agency cybersecurity objectives.
• Lead cross-organizational configuration management working groups that include cybersecurity, IT operations, and system administration stakeholders.
• Collaboratively develop and refine secure configuration standards that balance compliance with mission and operational requirements.
• Serve as the technical lead and advisor guiding stakeholders through the design, testing, and enforcement of configuration controls and enterprise hardening initiatives.
• Provide executive-level briefings, technical guidance, and recommendations to senior leadership on configuration management compliance and risk posture.
• Produce and maintain comprehensive documentation, including Standard Operating Procedures (SOPs), business justifications, risk assessments and mitigation plans, technical implementation guides, executive summaries, and progress reports.
• Create and deliver clear, actionable technical and programmatic guidance to multiple audiences, from engineers to executives.

Required Qualifications / Skills:

• Demonstrated expertise in secure configuration management, hardening, and compliance across enterprise environments.
• Advanced knowledge of federal cybersecurity frameworks and standards, including CIS Benchmarks, NIST SP 800-53 Rev. 5, NIST Baseline Checklist Repository, and CISA SCuBA Secure Configuration Baselines.
• Proficiency in GPO management, configuration automation, and MDM tools (e.g., Jamf, BigFix, Intune).
• Experience with enterprise compliance scanning and validation tools, including Tenable.SC, Nessus, or SCAP.
• Ability to develop, maintain, and track baseline compliance scanning policies and deviation reports.
• Exceptional written and verbal communication skills for developing technical documentation and executive briefings.
• Proven leadership experience guiding technical teams and coordinating with stakeholders to achieve enterprise-wide configuration compliance.

Preferred Qualifications / Skills:

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field (preferred).
• 5+ years of experience managing secure configuration management programs in large-scale enterprise or federal environments.
• Industry certifications such as CISSP, CISM, CAP, CompTIA Security+, or GCCC (GIAC Critical Controls Certification).
• Experience with secure configuration of cloud platforms (AWS, Azure, GCP) and enterprise collaboration tools (Microsoft 365).
• Familiarity with federal cybersecurity programs and continuous monitoring initiatives (e.g., CDM, FISMA, RMF). 

MILITARY OCCUPATIONAL SPECIALTY CODES (MOS codes):

170A, 170D, 17A, 17B, 17C, 17D, 24B, 25B, 47D, 94F, IT, 17 5309, 6203, 9735, 9740, 9890, 9891    

Corporate Citizen:

MBL Technologies’ vision is to make a positive difference – for our people, our customers, and our communities. As such, a commitment to service and excellence has been woven into the very fabric of our culture. MBL employees demonstrate a willingness to consistently go above and beyond and strive for excellence in all we do – championing, protecting, and celebrating the core business through the mission, vision, and values. All are expected to be good corporate citizens, supporting one another and internal corporate initiatives to build a stable business platform and ensure lasting company success.

Benefits:

MBL Technologies offers a competitive salary adjusted for candidate qualifications partnered with an industry-leading benefits package. This package includes incentive plans with corporate and individual-based performance bonuses, 401K, PTO, remote work, health and wellness programs, employee discounts, and learning and development reimbursement.

Eeo Statement:

MBL Technologies is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.