Active Directory Engineer

Company: G3 Innovative Solutions, LLC
Location: Arlington
Posted on: March 16, 2023

Job Description:

G3 Innovative Solutionsis an IT Services company founded to create innovative solutions to enhance the capabilities of our customers. G3 employees have successfully satisfied the technology needs of the U.S. Government and we continue to maintain relationships with those who have specialized expertise in the federal market. G3s broad experience, focus toward desired outcomes, and commitment to Innovation ensures responsive and long-lasting results.



Job Description:G3 Innovative Solutions is seeking a Active Directory Engineer to support a positionlocated in Arlington, VA supporting a Federal customer. The candidate will serve as an Active Directory Engineer providing the below described services.



Duties and responsibilities:

• 
  
• Responding to customers Incident, Request, Problem, and Change Request relating to Credentialing, Identity Management, Active Directory and related services, system access, and provisioning within established SLAs
  
• Provide support to Other Services, Technologies, and systems that will integrate into FBI Active Directory Domains, services, and Enclaves
  
• Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
  
• Provide guidance regarding changes to the AD schema;
  
• Manage and maintain standardized Organizational Units (OU) in AD;
  
• Manage and maintain AD custom attributes and groups (Security, Distribution, Mail enabled Security groups, etc.);
  
• Manage AD sites and subnets, including site replication;
  
• Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff, consistent with job requirements (i.e. workstation, server, common Microsoft products such as Exchange, SharePoint and other group policies as requested);
  
• Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected, and understand the effect of any change to group policy
  
• Manage the AD database, System Volume (SYSVOL).
  
• Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools (i.e Dell Active Administrator, Change Auditor, and Recovery Manager).
  
• Share knowledge with other members of the full AD team
  
• Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts
  
• Provision, modify, and de-provision user and administrator accounts on the four (4) enclaves upon receipt of approved access or de-provision request, based upon location, role, or both. Accounts shall be provisioned/modified/de-provisioned within five (5) days of receipt or date specified in the request, whichever is later. MDSU is currently receiving an average of 165 requests daily. As part of this process, the Exchange mailboxes are also created.
  
• Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
  
• Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
  
• Support personnel moves by migrating user profiles and data to data stores associated with new location.
  
• Manage and maintain delegation of permissions.
  
• Develop automated and semi-automated capability to move user profiles and data within the infrastructure.
  
• Provide audit and tracking reporting capability for the management of user accounts.
  
• System monitoring (using SCOM, HP Operations Manager for Windows, Replication Administrator, Dell Active Administrator, Microsoft NetMon, Change Auditor, and Recovery Manager, NetWrix);
  
• Service Maintenance, Patching, and updates (security and functional updates);
  
• Minor software upgrades;
  
• Compete weekly status reports
  
• Develop and maintain Standard Operations Procedures
  
• Participate in AGIL Release Planning Events
  
• Be a Technical lead for Release Features and User Stories within the AGIL SCRUM process
  
• Assist Systems Administrators and other more junior members of the team resolve incident, problems, requests, and changes
  
• Provides updates to ICAM Active Directory Road Map
  
• Completing After Action Reports for Major Incidents, service degradations and interruptions, and security related events
  
• Completing system backup, service Archives, and restorations
  
  
  
  Education: Bachelor's degree desired
  
  Required Qualifications:
  
  
  • 
    
  • A minimum of 10 years of experience as a Systems Engineer
    
  • A minimum of 2 years of experience as a Technical Team Lead on a project with a similar scope/ size
    
  • Advanced knowledge and Active Directory Domain Services, Identity Management, credentialing, and related services
    
  • Active Directory
    
  • DNS
    
  • ADDF
    
  • DHCP
    
  • Applied knowledge of DISA STIGs,
    
  • Systems Center Operations Manager
    
  • Exchange 2016
    
  • Skype for Business
    
  • Microsoft teams
    
  • NetWrix
    
  • ADFS
    
  • Knowledge and experience using FIM, (UAG)/(TMG)
    
  • Knowledge and experience supporting authentication services, firewalls, high availability systems, and web services. The main focus for authentication services would include certificate authentication using Kerberos constrained delegation, and single sign-on;
    
  • General understanding of PKI and certificate services
    
  • General understanding of RSA management and support;
    
  • Firewall endpoints, access and publishing policies, including the ability to troubleshoot connectivity issues in complex scenarios, with consideration of the outward lying network technologies;
    
  • Possess a broad understanding of web services, including publishing and troubleshooting material published by internal and external sources. This experience must include an understanding of protocols used for web traffic and troubleshooting tools to diagnose connectivity issues.
    
  • High Availability arrays, load balancing, and replication;
    
  • Experience with SQL; LDAP and Secure LDAP; Dell Active Administrator
    
  • VMWare, vSphere and Microsoft Hypervisor
    
  • Experience with Microsoft Windows Server (i.e. 2012 r2, 2008 r2, and 2016, 2019
    
  • Technical writing skills
    
  • Ability to effectively share knowledge.
    
    
    
    Clearance:
    
    
    • 
      
    • Top Secret
      
      
      
      Location:
      
      
      • 
        
      • Arlington, VA
        
        
        
        Compensation: Negotiable
        
        Benefits Offered: 401K, Medical, Dental, Life, Medical, Vision, and more
        
        Employment Type: Full-Time
        
        Clearance(Required): Must currently possess at least a Top Secret clearance

Keywords: G3 Innovative Solutions, LLC, Arlington , Active Directory Engineer, Other , Arlington, Virginia