Identity and Access Management System Administrator

MKS2 Technologies
On-site
Colorado Springs, Colorado, United States
Systems Administrator Positions

 

JOB SUMMARY:

 

We are seeking an Identity and Access Management System Administrator to manage the deployment and maintenance of enterprise directory service functions, including Active Directory domain services/controllers, certificate authority services, policy creation and tracking, and account management. The ideal candidate is detail-oriented, with the ability to assess and track the impact of changes on critical infrastructure components such as replication schedules and group policies. In addition to technical responsibilities, this role will also serve as Scrum Master for a small Agile team, ensuring effective collaboration and delivery. This position provides the opportunity to combine deep technical expertise with Agile leadership to support and enhance enterprise-level directory services.

 

EXPERIENCE REQUIRED:

  • Deployment and maintenance of all Active Directory domain services/controllers. This includes monitoring the health and status of all sites and services in the enterprise.
  • Deployment and maintenance of all certificate authority (CA) services, including issuing all SSL certificates and building out new CA servers in the enterprise. This includes tracking all CA server expiration dates and working with applicable teams to perform a renewal process for existing CA certs when needed.
  • Creation and maintenance of system policies, such as Windows group policies and Linux authentication PAM rules/files (in concert with the Linux/Unix team), and tracking any potential issues as they arise on the system.
  • Maintenance of all account matrices, including all applicable permission crossovers between enclaves when/if needed.
  • Continuously working with the cyber team to ensure all RBAC controls are compliant with current policies for restricting access between enclaves and systems in the enterprise for each applicable user/team.
  • Assist the cyber team with monitoring all directory services for out-of-the-ordinary logins or account behavior metrics to ensure the data integrity of the program's system enterprise.
  • Work with other teams to deploy and maintain technologies that include collaborative aspects, such as instant messaging platforms, in the enterprise.
  • Work with all teams to ensure distributed authentication services are configured properly to ensure non-repudiation to all available sources. This can include assisting with the configuration of LDAP services for network/software solutions to ensure RBAC access for the user base. Examples of LDAP/LDAPS-connected endpoint configurations include HPE iLO interfaces, GitLab, Cisco ISE, FortiManager, Raritan KVM, etc.
  • Thorough understanding of Active Directory and its replication structure when used in a distributed forest separated by WAN links.
  • Experience with an on-premises multi-domain environment using role-based administrative controls (RBAC) for least privilege
  • Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners
  • Ability to integrate automation technologies into daily Active Directory use is a plus

TECHNICAL SKILLS REQUIRED:

  • 5-6 years’ experience administering Active Directory technologies in an enterprise level system

EDUCATION: Bachelor's with 9+ or Master's with 7+ or equivalent

LOCATION: Full Time/ On-Site at Schriever in Colorado Springs, CO

CLEARANCE REQUIREMENT: Top Secret

DOD 8570 REQUIREMENT: IAT - Level II

Salary: 120,000-135,000 + Unlimited approved PTO, Benefits, 401k match and more.
