AD Systems Administrator
AD Systems Administrator (Active TS w/SCI eligibility)
ATSG is seeking resumes for an Active Directory (AD) System Administrator to join the Information and Technology Branch (ITB) Information Technology Infrastructure Division (ITID) at the Federal Bureau of Investigation in Washington, DC. The FBI ITB ITID mission includes the provision of comprehensive information technology services to all FBI personnel assigned to the FBI Headquarters, J. Edgar Hoover Building (FBIHQ) in Washington, D.C., Field Offices (FOs), Resident Agencies (RAs), and Legal Attach (LEGAT) located overseas.
In support of this mission, ITID is responsible for the management and support of the FBI's IT infrastructure. Part of this infrastructure includes systems operating on four (4) enclaves (BlackNet, Unclassified, Secret, and Top Secret/Sensitive Compartmented Information), as well as the underlying facilities and transports to support them.
The successful candidate will:
Provide guidance regarding changes to the AD schema;
- Manage and maintain standardized Organizational Units (OU) in AD;
- Manage and maintain AD custom attributes and security groups;
- Manage AD sites and subnets, including site replication;
- Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff, consistent with job requirements (i.e. workstation, server, common Microsoft products such as Exchange, SharePoint and other group policies as requested);
- Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected, and understand the effect of any change to group policy
- Manage the AD database, System Volume (SYSVOL).
- Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
- Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools (i.e Dell Active Administrator, Change Auditor, and Recovery Manager).
- Follow FBI Change Management Policy when changing the FBI IT infrastructure.
- Share knowledge with other members of the full AD team, regardless of whether other members are FBI employees or contractors of this or another contractor.
- Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts.
- Provision, modify, and deprovision user and administrator accounts on the four (4) enclaves upon receipt of approved access or deprovisioning request, based upon location, role, or both. Accounts shall be provisioned/modified/deprovisioned within five (5) days of receipt or date specified in the request, whichever is later. MDSU is currently receiving an average of 165 requests daily. As part of this process, the Exchange mailboxes are also created.
- Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
- Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
- Support personnel moves by migrating user profiles and data to data stores associated with new location.
- Manage and maintain delegation of permissions.
- Follow FBI policy and procedures for account management to create, modify, or delete accounts and account permissions
- Knowledge and experience using monitoring tools (i.e. Microsoft Advanced Group Management Policy (AGPM), Microsoft Resultant Set of Policy, Microsoft Forefront Identity Manager (FIM) and attributes);
- Technical writing skills;
- Knowledge and experience with the application of Federal Information Services Management Act (FISMA) rules to the AD environment;
- Knowledge and experience using Microsoft Active Directory Services, Power Shell, and/or other scripting tools;
- Experience with Microsoft Windows Server (i.e. 2012 r2, 2008 r2, and 2003, including Active Directory);
- Experience with SQL; LDAP and Secure LDAP, and Dell Active Administrator;
- Minimum of five (5) years with AD group policy, including common Microsoft products such as SharePoint and Exchange for the listed server versions and their successors;
- General understanding of PKI and certificate services;
- General understanding of RSA management and support;
- Bachelor's Degree or equivalent (preferred to include Microsoft Certified Technology Specialist (MCTS), Security Plus (CompTIA)); preferably Microsoft Certified Solutions Associate (MCSA) certifications in the following:
- Installing and Configuring Windows Server 2012 or Windows Server 2008 R2 equivalent
- Administering Windows Server 2012 or Windows Server 2008 R2 equivalent
- Configuring Advanced Windows Server 2012 Services or Windows Server 2008 R2 equivalent
- Knowledge and skills necessary to create, modify, and delete group policy, troubleshoot group policy issues, determine the effect of all group policies on an account or account group, audit changes to group policy, and maintain a Group Policy Map;
- Minimum of five (5) years of troubleshooting AD, especially group policy-related incidents; and
- Ability to effectively share technical knowledge between government and contractor's personnel.
Candidates are encouraged to submit a .doc or .docx resume that explicitly addresses each of the requirements listed above.
As an Equal Opportunity Employer, our applicants and employees are protected from discrimination. Visit http://bit.ly/FederalEEO for more information.
We respectfully request not to be contacted by recruiters and/or staffing agencies.
ATSG (http://atsgcorp.com) delivers cutting edge technical solutions to federal and commercial clients through strategic partnerships, product development, and system integration services. ATSG specializes in working with our clients to maintain the readiness of current systems while transitioning to more advanced and cost-effective technologies.
Fri, 2 Jun 2017 13:04:32 PDT