Configuration Manager

MANTECH seeks a motivated, career and customer-oriented Subject Matter Expert level Configuration Manager to join our team in Washington, D.C.

Responsibilities include, but are not limited to:

• Develop and maintain configuration management (CM) plans, policies, and baselines to support system development and operational environments
• Manage the Security Assessment and Authorization (SAA) process, ensuring systems comply with approved security policies and are properly maintained and transitioned into GRC tools
• Define and recommend system security controls, impact levels, and authorization boundaries in coordination with system owners and Authorizing Officials
• Coordinate and facilitate interconnection agreements (ISAs, MOUs, MOAs) for systems integrating with external or joint-use environments
• Conduct independent reviews of System Security Plans (SSPs), determine testing requirements, and support security control validation efforts
• Lead security inspections, testing, and ATO package submissions, while advising leadership on vulnerabilities, residual risks, and compliance status
• Support change and configuration management processes, including tracking Requests for Change (RFCs), maintaining documentation, and delivering executive-level briefings and stakeholder communications

Minimum Qualifications:

• Must possess a Bachelor’s degree and 16 years’ experience in a related technical environment or Master’s degree and 13 years’ experience in a related technical environment
• Must possess a minimum of 5 years of related management experience.
• Must hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP), or Certified Information System Manager (CISM).
• Experience operating security tools such as Tenable Nessus/Security Center, IBM Guardium, HP WebInspect, NMAP, or similar technologies
• Strong knowledge of RMF and ATO/SAA processes, including NIST SP 800-53 and FISMA compliance requirements
• Hands-on experience with configuration management, system baselining, and change control processes
• Familiarity with GRC tools (e.g., eMASS, Xacta, Archer), including POA&M tracking, and experience developing/reviewing SSPs and security controls

Preferred Qualifications:

• Experience with the Federal Risk and Authorization Management Program (FedRAMP).
• Knowledge of advanced forensic tools and techniques for attack reconstruction.
• Knowledge in Network Security – Firewall, Intrusion detection/prevention systems (IDS/IPS) and other network defense mechanisms.
• Experience in designing and building complex systems from ground up.
• Familiarity with Cloud platforms (AWS, Azure, Google Cloud) and securing cloud environment.

Security Clearance Requirements:

• Must have a current/active Top Secret security clearance and be willing and able to obtain SCI eligibility prior to start.
• Must be willing to sit for a polygraph if required

Physical Requirements:

• Must be able to remain in a stationary position 50%.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
• Often positions self to maintain computers in the lab, including under the desks and in the server closet.
• Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.