**Due to the contract and nature of the work US Citizenship is required**
Working at Edgewater Federal Solutions:
Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 27001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2024.
Job Summary:
Edgewater Federal Solutions is seeking an SCM SME who will be responsible for designing, implementing, operating, and maturing the centralized SCM program for a large Federal agency in the health sciences sector. The SCM program will be an integral part of the broader Vulnerability Management program and will direct the SCM requirements to disparate downstream organizations. The SCM SME will be expected to integrate the SCM program with other critical cybersecurity operations and teams including Cyber Threat Intelligence (CTI), Threat Hunting, Red Team, SOC, and Incident Response. The SCM SME will also be expected to integrate the SCM program with other non-cybersecurity teams throughout the Office of the Chief Information Officer (OCIO). This role will be responsible for developing and maintaining all required documentation, SOPs, and wikis for agency-wide consumption. Additionally, this role will require managing relationships with government Client counterparts at the GS-14/15 level and influencing internal contract staff to deliver contract outputs.
Key Responsibilities:
The SCM SME will be responsible for designing, implementing, operating, and maturing the centralized SCM program for a large Federal agency in the health sciences sector. Primary responsibilities include:
- Ensure the SCM program is governed by standardized policies, aligned with industry frameworks (CIS, NIST, DISA STIGs, ISO 27001), and integrated with IT Service Management (ITSM) and Change Management processes.
- Establish secure baseline configurations for all operating systems (Windows, macOS, Linux) and cloud environments (AWS, Azure, GCP) while enforcing compliance through automated configuration management tools (Ansible, SCCM, Terraform, AWS Config, Azure Policy).
- Perform continuous monitoring and drift detection via SCAP-compliant scanning tools (Nessus, Qualys, OpenSCAP), combined with SIEM/SOAR integration (Splunk, Sentinel) to detect and remediate misconfigurations in real-time.
- Ensure the program is embedded into DevSecOps pipelines using Infrastructure as Code (IaC) and Policy as Code, ensuring security in cloud and hybrid environments.
- Establish access controls that follow least privilege principles with Privileged Access Management (PAM) and RBAC/ABAC enforcement, while Cloud Security Posture Management (CSPM) solutions provide continuous visibility across multi-cloud infrastructures.
- Collaborate with Incident Response to incorporate misconfiguration threat intelligence (MITRE ATT&CK) and SOAR automation to rapidly contain security risks.
- Ensure the SCM program is measurable through compliance reporting dashboards (Power BI, ServiceNow) and supported by regular training and awareness programs to enforce accountability across IT, security, and DevOps teams.
Qualifications:
- BA/BS degree from an accredited university in a related field.
- 7 years of direct hands-on experience or more in SCM or VM related field.
- 3 years of experience or more at the SME level with leadership responsibilities.

Technical Expertise in Secure Configuration Management
- Deep knowledge of operating system security hardening across:
  - Windows (Group Policy Objects, PowerShell DSC, SCCM)
  - macOS (Jamf, Apple Configurator, CIS macOS Benchmarks)
  - Linux (SELinux, AppArmor, Ansible, Puppet, Chef)
- Expertise in cloud security configurations for:
  - AWS (AWS Config, Security Hub, CloudFormation, Terraform)
  - Azure (Azure Policy, Microsoft Defender for Cloud, ARM Templates)
  - GCP (Security Command Center, Forseti, Google Deployment Manager)
- Strong understanding of network security device configurations, including firewalls (Cisco, Palo Alto, Fortinet), VPNs, IDS/IPS, and load balancers.

Experience with SCM Tools & Automation
- Configuration Management & Automation Tools:
  - Ansible, Puppet, Chef (for Linux, Windows automation)
  - Terraform, CloudFormation, ARM Templates (Infrastructure as Code for cloud environments)
  - PowerShell, Python, Bash scripting for automating compliance checks
- SCAP Compliance & Security Benchmarking:
  - SCAP-compliant tools (OpenSCAP, Nessus, Tenable.SC, CIS-CAT Pro, Qualys)
  - System Hardening tools (STIG Viewer, Tripwire, Lynis)
- SIEM/SOAR & Security Monitoring:
  - Splunk, Microsoft Sentinel, Elastic Stack, Palo Alto XSOAR for monitoring misconfigurations and security events

Deep Understanding of Compliance & Regulatory Standards
- NIST 800-53, CIS Benchmarks, DISA STIGs
- ISO 27001, FedRAMP, CMMC, PCI-DSS, HIPAA, SOX
- Cloud security compliance (AWS Foundational Security Best Practices, Azure Security Benchmark, Google Cloud Security Foundation)

Strong Knowledge of Security Governance & Risk Management
- Ability to develop and enforce SCM policies, governance frameworks, and audit processes.
- Experience working with Change Advisory Boards (CABs) and IT Service Management (ITSM) processes.
- Strong understanding of risk-based security approaches, balancing security controls with operational efficiency.

DevSecOps & Infrastructure as Code (IaC) Integration
- Experience integrating SCM into CI/CD pipelines for cloud and on-prem environments.
- Familiarity with:
  - Policy-as-Code tools (Open Policy Agent, Sentinel)
  - DevOps platforms (GitHub Actions, GitLab CI/CD, Jenkins, Azure DevOps)

Incident Response & Threat Intelligence
- Understanding of misconfiguration-based attack vectors (MITRE ATT&CK techniques such as T1078, T1578).
- Experience integrating misconfiguration detection into SOC workflows.
- Ability to automate response playbooks with SOAR platforms.

Leadership & Communication Skills
- Experience leading enterprise-level SCM programs and working across Security, IT Operations, Cloud, and DevOps teams.
- Ability to collaborate with executive leadership (CISO, CIO, CTO) to drive SCM initiatives.
- Strong reporting and presentation skills, using Power BI, ServiceNow, or security dashboards to communicate compliance status and risks.

Preferred Qualifications:
- Direct, demonstrable experience designing, building, operating, and maturing an SCM program for a Fortune-100 level organization in either the commercial or government space.
- Possess relevant, active industry certifications including but not limited to CISSP, CISM, CISA, PMP, GCSA, GCWN, GCUX, RHCE, and/or AWS, GCP, or Azure architecture or security certifications.
About Us:
Edgewater Federal Solutions is a privately held government contracting firm located near Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater is ISO 9001, 20000-1, 27001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2024.
It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by applicable law.