Enterprise Active Directory Systems Engineer - Senior
Job Number : 711629
Location : Fort Huachuca, AZ
Shift : 1st
Security Clearance Status : Active and/or Able to Obtain
Security Clearance Type : Secret
US Citizenship Required : Yes
Job Level : Individual Contributor
Employment Status : Regular Full-Time
Travel : Up to 25%
As an Enterprise Active Directory Systems Engineer - Senior ( Systems Engineer IV ), you will provide engineering and level III technical support to the U.S. Army Network Enterprise Technology Command (NETCOM), Assistant Chief of Staff (ACofS), G-5. You will support the Army’s enterprise implementation and migration plans by providing technical solutions in one or more of these areas: Enterprise Directory Services and Authentication (EDS&A), Active Directory (AD), Identity Management, Enterprise and/or cloud solutions, and 3rd party application integration.
Highlights of Responsibilities:
- Support the Enterprise AD consolidation architecture design and migration fielding.
- Perform NIPRNET/SIPRNET/DF AD (Windows 2003/2008) migration support to a consolidated AD and EDS environment, and provide integration support for the implementation of third party and vendor AD/EDS migration and management tools and transitional operations associated with consolidation.
- Engineer the restructure/collapse of the decentralized NIPRNET/SIPRNET/DF AD (Windows 2003/2008) Forests throughout the Army into the proposed Enterprise AD structure.
- Research and analyze DoD and Department of the Army (DA) policies and recommend mitigation strategies for integration problem resolution that may impact the Enterprise AD consolidation enterprise project.
- Provide engineering support to project design, development, execution, and any accompanying technical documentation, including, but not limited to, post test reports, executive summaries, and design plans.
- Provide engineering analysis support for security-related hardware, software, network component evaluations, existing security policy, process and procedure determination, risk analysis, accreditation package analysis, and engineering change proposal analysis.
- Perform 8 x 5 and on-call Tier III engineering support for Enterprise Microsoft AD, EDS, and Identity Management Systems.
- Provide EDS/Identity Management system sustainment engineering and analysis support for the legacy EDS and Identity Management environment. Provide system sustainment engineering and analysis supporting Research in Motion (RIM) Blackberry for the current legacy operating environment.
- Draft, modify, or provide input for, the following documentation: System Design Plan (SDP); Engineering Installation Plan (EIP); Information System Support Plan (ISSP); Tactics, Techniques, and Procedures (TTP); Systems Acceptance Test Documentation; Technical Authority; Technical Control Bulletins; diagrams and executive summaries; DoD Information Assurance Certification and Accreditation Process (DIACAP) package; and other technical documents as required.
- Develop architectural implementation documentation in accordance with the current and future LandWarNet architectures including, but not limited to, integration support for the implementation of third party and vendor AD/Exchange migration and management tools and transitional operations associated with consolidation.
- Current Active Secret Security Clearance and or the ability to obtain one.
- IAW AR 25-2, position is considered IT Level I.
- Single Scope Background Investigation (SSBI) IAT Level II certified as specified in DOD 8570.01-M and BBP 05-PR-M-0002 (Security+ CE, or GSEC, or SSCP IA Certifications).
- BS degree in Engineering, Math, or Computer Science is required.
- Minimum of 6 – 12 years’ experience as a Senior System Engineer.
- Shall possess a Microsoft Certified Information Technology Professional (MCITP) certification.
Candidates with skills in one or more of the following role are needed: 1. Identity and Access Management (IAM) Solution Developer. Skills: ADFS 2.0, Identity Life Cycle Management (ILM), Federated Identity Management (FIM), PKI, certificate-based client authentication, SAML 2, WS-Federation / WS-Trust, Claims-based identity solutions, Privileged Access Management, Rights Management Service (RMS), IPSEC, Group Policy. 2. SCCM and SCOM Systems Solution Developer. System Center Configuration Manager (SCCM) and System Center Operations Manager (SCOM solutions developer. Experience developing custom reports utilizing the SCCM DB using custom SQL queries and SQL Reporting Services. Microsoft SQL Server Reporting Services Report Builder, SQL Server 2008 Report Definition Language, Reporting solution with SharePoint.
Preferred Education and Experience:
- Experience with all phases of planning, design, configuration, and deployment in large, complex, heterogeneous Windows forest environments.
- Superior problem solving and troubleshooting skills at the system engineer level.
- Strong technical writing skills is very important.
- Have a working knowledge of NetOps, and shall support the planning, system design, and implementation of NetOps tools sustaining NetOps capabilities from the Army LandWarNet NetOps Architecture (LNA). Developer / programmer skills, SharePoint, DBA, custom solutions development, PowerShell, VB, C#, XML, VBScript.
- Have hands-on experience with how NetOps products and services interrelate in order to ensure true NetOps capability integration in support of the NetOps LandWarNet mission.
- Have a working knowledge and understanding of enterprise NetOps concepts, AD, Messaging, PKI, and EDS procedures.
- Understand Information Technology Infrastructure Library (ITIL)-based business processes.
- Have expertise in all aspects of Microsoft Windows operating systems, to include implementing directory services, messaging, and application servers into the enterprise environment.
- Have expertise in all aspects of migration and application migration from Microsoft Windows operating systems, to include implementing AD directory services, Applications and Messaging Services into the enterprise environment.
- Have a working knowledge of SIPRNET and NIPRNET Engineering and Network management.
- Have working knowledge of National Security Agency (NSA) Type 1 Encryptors, Tactical Local Area Network Encryptors (TACLANE), High Assurance Internet Protocol (IP) Encryptor (HAIPE), and point-to-point Key Generator (KG) Encryptors.
Indeed - 5 months ago