Eng Sr Prin - Sys
Description:
BAE Systems is offering an exciting opportunity to support an important and dynamic Department of Justice customer as a Senior Systems Engineer/Active Directory (SSE/Active Directory) supporting a highly capable and diverse team driving technical innovation. The SSE/AD shall routinely make group policy modifications to support the needs of the domain. The SSE/Active Directory shall review existing configurations of the replication topology for inconsistencies and deploys new configurations during site build. She/he shall author PowerShell scripts to automate deployment tasks. The SSE/AD shall configure and troubleshoot name resolution in an Active Directory-integrated split-brain DNS environment. The SSE/AD shall perform daily health checks of the enterprise, and up-channels findings with suggested remedies for implementation. The SSE/AD shall manage the Active Directory-based activation of Windows platforms. Implements security enhancements to the environment as directed by the CSO. The SSE/AD shall proactively review current Active Directory technologies, and presents suggestions of those which may enhance the mission. The SSE/AD shall support the unit with other duties as assigned within the scope of work.
Required Skills and Education
Minimum Education and experience required:
Four (4) year college degree in system administration, information technology, computer science, computer engineering, plus five (5) years of experience in designing, managing, administering, documenting, troubleshooting, and supporting Active Directory components as detailed above OR in lieu of education ten (10) years of experience in designing, managing, administering, documenting, troubleshooting, and supporting Active Directory components within IT systems in both production and development environments.
SKILL Level- At a minimum, the Senior Systems Engineer/Active Directory shall have demonstrated experience in:
Provide support to multiple Active Directory (AD) technologies
Monitor and maintain existing AD systems
Author technical documentation of components and configurations of environments
Prototype new solutions to IT challenges and optimize existing systems in light of new technologies as they come to market
Enterprise-level experience with the inner-workings of Active Directory Domain Services (AD DS) running within at least Windows Server platforms 2016 to present
Provide hierarchy design and delegation within AD DS based on mission needs and security requirements
Plan integration of new domain controllers to the environment
Monitor AD DS health utilizing the toolset inherent to the system as well as System Center Operations Manager (SCOM)
Review and evaluate replication topology for optimization
Manage and maintain trust relationships with outside entities
Utilizes Group Policy to control resources within the environment.
Working knowledge of DISA STIGs and their implementation.
Evaluate the relationship between existing policies and plans for the introduction of those needed in the future.
Troubleshoot Group Policy processing issues
Author Group Policy objects and modifications
Maintain DNS at the service level, verifying functionality and troubleshooting issues
Utilize split-brain DNS for multi-homed enterprise resources
Working knowledge of designing/maintaining AD Federated Services and technologies.
Evaluate and integrate new AD technologies and architectures into the environment.
Maintain the health of existing AD CS technologies and evaluate new certificate issuing
Evaluate two factor authentication methods
Collaborate with multiple stakeholders in the design and development of solutions
Ability to construct Microsoft PowerShell scripts necessary for the automation of tasks within Active Directory components. Provide documented solutions via PowerShell to simplify AD tasks for remote admins.
Experience creating and managing custom schema objects within Active Directory.
Working experience analyzing current Active Directory delegation and proposing steps to convert to a zero trust-based delegation model.
Documents product customization, integration, and validation prior to deployment
Strategy sessions for the planning, development, documentation and review of project-related documents
Draft, review, and finalize procedures, security documentation, and general usage instructions for systems and components
Provide direct assistance to the remote systems administrators with escalation level tasks
Perform duties independently, without direct supervision, and without detailed guidance from superiors
Liaison between field support and management
Participate in the Change Control process meetings, providing direct and candid feedback regarding ideas for proposed changes to systems
Document, test, and deploy modernization technologies to existing production environments
Resolve operational technical challenges and articulate ideas, concepts, and requirements to management
Author and utilize scripting languages, mainly but not limited to PowerShell, to automate tedious, repetitive, and/or error prone tasks related to installation, configuration, and management of IT systems and services
About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it’s what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you’ll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.
Preferred Skills and Education
Desired Skills and Experience:
Working with Microsoft Azure and/or AWS cloud experience highly desired
Experience with designing and developing Federated Services.
Programing skills utilizing C# and .net to manipulate AD resources.
Experience maintaining code repositories to ensure proper change management.
Experience working with on-premises vendor support to run proactive scans analyzing Active Directory technologies and remediating identified issues.
Experience working on an Agile team
Willingness to implement Lean principles, Agile engineering and DevSecOps
Ability to participate in strategy sessions for the planning, development, documentation, and review of project-related documents
Typical Education and Experience
Typically a Bachelor's Degree and 8 years work experience or equivalent experience