Apply Now    

Systems Administrator, IdAM

Req #: 202842
Location: Washington, DC US
Job Category: Engineering
Security Clearance: Top Secret
Clearance Status: Must Be Current

Job Description

Identity & Access Management Administrator/Active Directory Administrator with an active Top Secret Clearance to support a very dynamic customer in Washington, DC.

• Practical experience in creating, modifying, and deleting group policy, troubleshoot group policy issues, determine the effect of all group policies on an account or account group, audit changes to group policy, and maintain a Group Policy Map;
• Practical experience using Microsoft Active Directory Services, PowerShell, and/or other scripting tools, understand logical representation and enterprise effects of implementation;
• Practical experience using automated tools or like products like Microsoft Advanced Group Management Policy (AGPM), Microsoft Forefront Identity Manager (FIM), Microsoft Identity Manager (MIM) and attributes;
• Design and implement Directory Services that effectively reflect business needs, service-level and availability requirements while being robust and scalable to support; including performance analysis and optimization, monitoring, problem resolution, upgrade planning and execution, and process creation and documentation;
• Function as Senior level for Directory Services including; Active Directory Domain Services (ADDS), Azure Active Directory, and Active Directory Certificate Services and as a technical expert on infrastructure projects pertaining to Directory Services, GPO's, authorization services along with their monitoring, security methodologies, management, capacity planning, environment failover and disaster recovery;
• Design a global Active Directory Infrastructure, including design and implementation of Group Policy and domain consolidation for multiple large scale organizations;
• Ensure the proper systems and administration design. Utilize logical problem solving to find creative solutions to problems in the environment on a broad scale Troubleshoot and resolve Active Directory, GPO, Kerberos, Active Directory Federated Services, Microsoft Identity Manager (MIM) and other password/identity management systems;
• Domain Controller expertise--build, promote, replicate and patch advanced planning and implementation tasks;
• Ensure new Directory Service technologies are adequately tested and integrated with infrastructure and application services;
• Assist in management and support of internal and external DNS systems. Assist in management and support of internal DHCP architecture and scoping;
• Advanced knowledge related to installing and configuring Windows Server 2012 (preferred) or Windows Server 2008 R2 equivalent
• Advanced knowledge related to administering Windows Server 2012 (preferred) or Windows Server 2008 R2 equivalent
• Advanced knowledge related to configuring Advanced Windows Server 2012 Services (preferred) or Windows Server 2008 R2 equivalent
• Advanced knowledge related to with Microsoft Windows Server (i.e. 2012 r2, 2008 r2, including Active Directory);
• Provide quality/production methods to ensure existing group policies are not already in-place to implement user request or change;
• Provide active follow-up with users and engineers to ensure actual changes worked and did not cause corruption of user profiles and permissions;
• Be able to identify impacts of AD, GPO, OU change;
• Ability to document order of applied change and criticality of sequenced process steps;
• Experience managing Domain replication;
• Practical experience applying Federal Information Services Management Act (FISMA) rules to the AD environment

Typically requires bachelor’s degree or equivalent and five or more years of related work experience.

• PowerShell Scripting (Highly Recommended)
• Highly recommended have Microsoft Certified Technology Specialist (MCTS), Security+ (CompTIA); preferably Microsoft Certified Solutions Associate (MCSA) certifications;
• Experience with SQL; LDAP and Secure LDAP, and Dell Active Administrator;
• Able to administer PKI and certificate services ;
• Able to administer RSA tokens, as an RA or LRA;
• Minimum of five (5) years with AD group policy, including common Microsoft products such as SharePoint and Exchange for the listed server versions and their successors;
• Minimum of five (5) years of troubleshooting AD, especially group policy-related incidents;
• Bachelor’s Degree in Engineering or in one of the disciplines within Information Technology
• Technical writing skills; and
• Ability to effectively share technical knowledge between government and contractor’s personnel.

Job Location



CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Apply Now    
Link for schema