View all jobs

Active Directory Engineer

Arlington, VA · Information Technology
G3 Innovative Solutions is an IT Services company founded to create innovative solutions to enhance the capabilities of our customers.  G3 employees have successfully satisfied the technology needs of the U.S. Government and we continue to maintain relationships with those who have specialized expertise in the federal market.  G3’s broad experience, focus toward desired outcomes, and commitment to Innovation ensures responsive and long-lasting results.

Job Description: G3 Innovative Solutions is seeking a Active Directory Engineer to support a position located in Arlington, VA supporting a Federal customer. The candidate will serve as an Active Directory Engineer providing the below described services.

Duties and responsibilities:
  • Responding to customers Incident, Request, Problem, and Change Request relating to Credentialing, Identity Management, Active Directory and related services, system access, and provisioning within established SLA’s
  • Provide support to Other Services, Technologies, and systems that will integrate into Active Directory Domains, services, and Enclaves
  • Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
  • Provide guidance regarding changes to the AD schema;
  • Manage and maintain standardized Organizational Units (OU) in AD;
  • Manage and maintain AD custom attributes and groups (Security, Distribution, Mail enabled Security groups, etc.);
  • Manage AD sites and subnets, including site replication;
  • Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff, consistent with job requirements (i.e. workstation, server, common Microsoft products such as Exchange, SharePoint and other group policies as requested);
  • Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected, and understand the effect of any change to group policy
  • Manage the AD database, System Volume (SYSVOL).
  • Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools (i.e Dell Active Administrator, Change Auditor, and Recovery Manager).
  • Share knowledge with other members of the full AD team
  • Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts
  • Provision, modify, and de-provision user and administrator accounts on the four (4) enclaves upon receipt of approved access or de-provision request, based upon location, role, or both.  Accounts shall be provisioned/modified/de-provisioned within five (5) days of receipt or date specified in the request, whichever is later.  MDSU is currently receiving an average of 165 requests daily.  As part of this process, the Exchange mailboxes are also created.
  • Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
  • Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
  • Support personnel moves by migrating user profiles and data to data stores associated with new location.
  • Manage and maintain delegation of permissions.
  • Develop automated and semi-automated capability to move user profiles and data within the infrastructure.
  • Provide audit and tracking reporting capability for the management of user accounts.
  • System monitoring (using SCOM, HP Operations Manager for Windows, Replication Administrator, Dell Active Administrator, Microsoft NetMon, Change Auditor, and Recovery Manager, NetWrix);
  • Service Maintenance, Patching, and updates (security and functional updates);
  • Minor software upgrades;
  • Compete weekly status reports
  • Develop and maintain Standard Operations Procedures
  • Participate in AGIL Release Planning Events
  • Be a Technical lead for Release Features and User Stories within the AGIL SCRUM process
  • Assist Systems Administrators and other more junior members of the team resolve incident, problems, requests, and changes
  • Provides updates to ICAM Active Directory Road Map
  • Completing After Action Reports for Major Incidents, service degradations and interruptions, and security related events
  • Completing system backup, service Archives, and restorations
Education: Bachelor's degree required or an additional four years of experience required.

Required Qualifications:
  • A minimum of 13 years of experience as a Systems Engineer
  • A minimum of 2 years of experience as a Technical Team Lead on a project with a similar scope/ size
  • Advanced knowledge and Active Directory Domain Services, Identity Management, credentialing, and related services
  • Active Directory
  • DNS
  • ADDF
  • DHCP
  • Applied knowledge of DISA STIGs,
  • Systems Center Operations Manager
  • Exchange 2016
  • Skype for Business
  • Microsoft teams
  • NetWrix
  • ADFS
  • Knowledge and experience using FIM, (UAG)/(TMG)
  • Knowledge and experience supporting authentication services, firewalls, high availability systems, and web services. The main focus for authentication services would include certificate authentication using Kerberos constrained delegation, and single sign-on;
  • General understanding of PKI and certificate services
  • General understanding of RSA management and support;
  • Firewall endpoints, access and publishing policies, including the ability to troubleshoot connectivity issues in complex scenarios, with consideration of the outward lying network technologies;
  • Possess a broad understanding of web services, including publishing and troubleshooting material published by internal and external sources. This experience must include an understanding of protocols used for web traffic and troubleshooting tools to diagnose connectivity issues.
  • High Availability arrays, load balancing, and replication;
  • Experience with SQL; LDAP and Secure LDAP; Dell Active Administrator
  • VMWare, vSphere and Microsoft Hypervisor
  • Experience with Microsoft Windows Server (i.e. 2012 r2, 2008 r2, and 2016, 2019
  • Technical writing skills
  • Ability to effectively share knowledge.
  • Secret
  • Arlington, VA (REMOTE)
Compensation:  Negotiable
Benefits Offered:  401K, Medical, Dental, Life, Medical, Vision, and more

Employment Type: Full-Time
Clearance (Required): Must currently possess at least a Secret clearance

Share This Job

Powered by