View all jobs

Secure Configuration Compliance Engineering

Washington, DC
ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference!  

We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more! 

We are seeking a Configuration Compliance Engineer to do the following tasks:
  • Analyze existing systems for security configuration compliance requirements and engineer processes for improvements. The contractor staff will have competency in assessing and recommending security integration with development activities in an Agile environment.
  • Analyze and provide reports for software, application (including enterprise configuration of mobile apps) and hardware, privacy, and security assurance testing in a secure test environment to determine the impact of implementation on the OIG information assurance posture. 
  • Analyze Federal/NIST desktop configuration compliance policy and produce recommended hardware and software configurations to align with privacy and security recommendations and best practices. 
  • At the request of the COR, compare current desktop configuration at OIG against federal recommendations to identify and document deviations. 
  • Develop configuration compliance testing templates using tools provided by OIG and incorporating standards such as United States Government Baseline Configuration 
    (USGBC) and DISA Secure Technical Implementation Guides (STIGs). 
  • Meet applicable federal compliance recommendations when creating this template and will document which federal standard(s) are used to develop each baseline and the rationale behind that decision. 
  • Generate Security Configuration Compliance reports of OIG systems using system compliance management tools and deliver the reports to the COR. The contractor shall, at a minimum, consider industry best practices, HHS and OIG policies, and Federal/NIST/OMB policy when discussing and making recommendation for configuration compliance. 
  • Assess the security of software, applications, and mobile applications for use in the OIG enterprise environment and make risk-based recommendations using their understanding of the OIG risk posture. 
  • Contractor will support approximately 11 FISMA systems. 
  • Active Public Trust 

COVID-19 Policy: In accordance with Executive Order 14042, all newly hired employees must be able to provide proof of vaccination prior to starting employment or receive approval for a medical or religious exception.


Share This Job

Powered by