Travel Required? No
Citizenship: Must be U.S. Citizen
Clearance Required: Top Secret
Education: Bachelor's Degree
Certifications Required: One of the following certifications: CISSP, CASP, CISA, GCED, GCIH. Certified in accordance with DoD 8570.01-M Information Assurance Technician Level III.
Position Description: Ten or more (10+) years of experience in Information Technology.Under broad direction, perform tasks related to the design, operation, maintenance, trouble shooting, sustainment and account administration for Active Directory, Active Directory Application Mode (ADAM), and the Global Address Book (GAL). Assist the Government Lead in the daily engineering duties on systems. Operate system and application Group Policy Objects (GPO) based on the corresponding Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and the Marine Corps Enterprise Designated Approval Authority (DAA) guidance regarding the Federal Desktop Core Configuration (FDCC). Provide directory services providing authentication to enterprise applications and trusted relationships between users, devices, applications, services, and other resources throughout the network. Provide directory synchronization to Enterprise Directory Services (EDS) and Identity Synchronization Services (IdSS) through the appropriate transport boundaries in accordance with Government procedures. Provide standard Active Directory services (plus the availability to use Windows Lightweight Directory Access Protocol (LDAP) services) for all physical and virtual application servers, network devices and appliances. Monitor and optimize replication speed of directory services. Design and perform schema extensions for directory services. Assist with the development and integration of identity and access management requirements using ForeFront Identity Manager, Oracle/Sun Identity and Access Management. Utilize Active Directory Federated Services (ADFS) Integration with public key infrastructure (PKI) certificates and network accounts to support two-factor authentication for all Active Directory (AD) domain account categories and eliminate the need for password-based authentication. Perform security updates in accordance with Government procedures for directory services. Design and Perform Rights Management Services for administrators, users and groups. Expert knowledge of Windows PowerShell scripting, Windows 2008R2 /2012 R2, Active Directory, Flexible Single Master Operations (FSMO), Sites and Services, Domain Name Server (DNS), Dynamic Host Configuration Protocol (DHCP), Internet Information Services (IIS), SimpleSync, and Unity Sync. Design application networking ports and protocols, Information Assurance (IA), routing and LAN. Design and perform Global Address List (GAL) for access via Outlook, Outlook Web Access, or other similar product. Execute security updates in accordance with Government procedures for directory services. Perform system integration and installation on various server hardware, WSUS (Windows Server Update Services), System Center Configuration Manager (SCCM) 2007/12, Host Based Security System (HBSS), Structured Query Language (SQL) 2008 r2, external storage devices utilizing Logical Unit Numbers (LUNs), quota distribution and File sharing, and virtualization (specifically but not limited to VMware and Hyper-V). Execute Backup (Disaster Recovery) using NetbackUp.