Share this Job

Information Security - Configuration Manager Engineer

Date: Jun 11, 2021

Location: Atlanta, GA, US, 30309

Company: Norfolk Southern Corp.

Requisition 25287: #LI-EB1 


Job Description

The Configuration Manager (CM) role requires a strong background in security as it relates to platform infrastructure, application security, and other aspects of network/cloud infrastructure security. The Configuration Management Engineer has the responsibility of designing and establishing configuration change management processes, standards, documentation, and SOPs. Works on developmental and operational teams to create and maintain configuration baselines (development, test, production, etc.) supporting developmental and operational systems. The candidate will use or recommend automated CM tools to implement CM policies and procedures. Develops or modifies CM plans, policies, and procedures tailored to the complexity and scope of the developmental or operational system. Implement CM discipline for the entire life cycle of systems from initial requirements/capabilities baselines to system end-of-life. Perform change control and configuration audits.

Primary Responsibilities and Essential Functions include:

  • Plan and execute Configuration Management (CM) throughout the project lifecycle, including development, migration, deployment, and security phase
  • Develop and maintain overall Configuration Management Plan for the program - Ensure an accurate Risk Registry while incorporating modernization initiatives
  • Identify CIs (i.e., hardware, software, documentation configuration items) and enter them into the Risk Registry
  • Continuous configuration scanning, prioritization, and reporting of vulnerabilities throughout on-premise and cloud-based environments across both enterprise and service provider networks. 
  • Assist in implementing hardware and software version control processes, policies, and procedures
  • Direct cross-functional, cross-department teams in remediating non-compliant configurations 
  • Work closely with Application team and utilize DevSecOps principles to drive the technology release strategy, execution, and improvements from third-party software changes (i.e., software version updates, major upgrades, patches, and bug-fixes)
  • Develop key performance indicators for the configuration management process
  • Review and update configuration management processes as needed

Job Related Experience:

Preferred Level: 5+ years of related experience required



Preferred Level: Bachelor’s degree in information systems, information security, computer science, engineering, and 4+ years of information security, networking and/or systems administration experience; or 6+ years of information security experience without a degree. 


Licenses / Certifications:

Preferred: Certified Information Systems Security Professional (CISSP), PCI ISA/QSA, CompTIA Security +, ITIL

Skills Required:

  • Experience in ITIL Service Asset & Configuration Management
  • Solid understanding of Risk Management frameworks, Security frameworks & Data Protection regulations
  • Strong leadership, collaborative, and interpersonal skills including the ability to lead across multiple business and technology organizations.
  • 2+ years of experience designing, building, implementing, and/or maintaining vulnerability and configuration management technologies in an enterprise level environment. 
  • Experience with Linux, Windows, networking, iOS (mobile), Android, IOT configuration management 
  • Excellent interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout organization. 
  • Ability to influence across functional teams to achieve desired business results. 
  • Detailed knowledge of configuration management, software security, red team concepts, tools, and trends. 
  • Capable of working independently and involving leadership as necessary

Skills Desired:

  • Knowledge in Cloud based platforms e.g. AWS, Azure
  • Knowledge in containerized environments e.g. Docker, Kubernetes etc
  • Experience in Web Application vulnerability management
  • Some knowledge using any of Qualys/Tenable/Rapid 7/Nexpose Vulnerability Manager
  • Experience in Splunk Enterprise Security tool
  • Experience with Inventory Management tool

Work Conditions

Environment: Office, currently working Remote due to COVID-19

Shift Work: No

On-Call: Yes

Weekend Work: As Required

Travel Required: 0-2 Days per Month

New Headquarters – Atlanta, GA


Norfolk Southern is in the process of constructing a vibrant & modern corporate HQ in Midtown Atlanta, GA. Our HQ is scheduled for completion in the summer of 2021. To check out a sneak peek, we’ve linked a playlist below.







Company Overview



Norfolk Southern Corporation (NYSE: NSC) is a Fortune 300 organization and one of the nation’s premier transportation companies. Its Norfolk Southern Railway Company subsidiary operates approximately 19,500 route miles in 22 states and the District of Columbia, serves every major container port in the eastern United States, and provides efficient connections to other rail carriers.


We are a team of more than 20,000 employees working together to maintain our reputation as "The Thoroughbred of Transportation." As an industry leader, Norfolk Southern offers a competitive salary and an excellent benefits package.


At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.


Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation and, gender identity. Together, we power progress.



Don’t just work here, Thrive here.


Nearest Major Market: Atlanta