Systems Admin Sr Prin
Job DescriptionSenior System Administrator (SSA)
BAE Systems is offering an exciting opportunity to support an important and dynamic Department of Justice customer as a Senior System Administrator/Engineer-Active Directory supporting a highly capable and diverse team driving technical innovation. The SSA/AD shall routinely make group policy modifications to support the needs of the domain. The SSA/Active Directory shall review existing configurations of the replication topology for inconsistencies and deploys new configurations during site build. She/he shall author PowerShell scripts to automate deployment tasks. The SSA/AD shall configure and troubleshoot name resolution in an Active Directory-integrated split-brain DNS environment. The SSA/AD shall perform daily health checks of the enterprise, and up-channel findings with suggested remedies
for implementation. The SSA/AD shall manage the Active Directory-based activation of Windows platforms. Implements security enhancements to the environment as directed by the CSO. The SSA/AD shall proactively review current Active Directory technologies and presents suggestions of those which may enhance the mission. The SSA/AD shall support the unit with other duties as assigned within the scope of work.
Required Skills and Education
Minimum Education: Four (4) year college degree in system administration, information technology, computer science, computer engineering, plus five (5) years of experience in designing, managing, administering, documenting, troubleshooting, and supporting Active Directory components as detailed above or in lieu of education ten (10) years of experience in designing, managing, administering, documenting, troubleshooting, and supporting Active Directory components within IT systems in both production and development environments. If utilizing in lieu of education, all experience must be at or above the position level described above.
SKILL Level- Demonstrated SME Level experience in:
- Enterprise-level experience in optimizing Directory Services infrastructure and hierarchy.
- Experience monitoring and maintaining existing Directory Services environments in multiple enclaves with various mission requirements.
- Utilizes Group Policy to harden resources within the environment.
- Working knowledge of DISA STIGs and their implementation.
- Evaluate the relationship between existing policies and plans for the introduction of those needed in the future.
- Troubleshoot Group Policy processing issues that arise on systems within the environment.
- Maintain DNS at the service level, verifying functionality and troubleshooting issues.
- Utilize split-brain DNS for multi-homed enterprise resources.
- Working knowledge of designing/maintaining AD Federated Services and technologies.
- Maintain the health of existing AD Certificate Services technologies.
- Enterprise-level knowledge of Multifactor authentication design and implementation as it pertains to Active Directory and Certificate Services.
- Enterprise-level mastery of Active Directory 2016, 2019, 2022 and latest version.
- Author PowerShell scripts that will be used to standup and maintain AD environments.
- Experience creating and managing custom schema objects within Active Directory.
- Working experience analyzing current Active Directory delegation and proposing steps to convert to a zero trust-based delegation model.
About BAE Systems Intelligence & SecurityBAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That’s BAE Systems. That’s Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.
Preferred Skills and EducationDesired Skills and Experience:
- Microsoft Azure and/or AWS cloud experience highly desired
- Experience working on digital forensics technology or related technologies for law enforcement or intelligence community customers is a plus
- Experience working on an Agile team
- Ability to participate in strategy sessions for the planning, development, documentation, and review of project-related documents
- Ability to participate and support the gathering, identifying, and documentation of the system, hardware, and software requirements, as well as security requirements
- Experience with designing and developing Federated Services.
- Programing skills utilizing C# and .net to manipulate AD resources.
- Experience maintaining code repositories to ensure proper change management.
- Experience working with on-premises vendor support to run proactive scans analyzing Active Directory technologies and remediating identified issues.
Typical Education and ExperienceTypically a Bachelor's Degree and 8 years work experience or equivalent experience