Identity and Access Management System Administrator

IERUS specializes in electromagnetic spectrum technologies and design for RF, IR, and optical applications. IERUS also supports customers with a diverse set of competencies including software development, air and missile defense, and systems engineering. IERUS develops value for our defense and commercial customers through accelerations of the technology life cycle: identifying, creating, transitioning, and producing technologies with integrity of purpose and product.

IERUS is looking for bright, talented, motivated, and dedicated employees in the engineering field, and offers competitive compensation and benefits package. To learn more, please visit www.ierustech.com/benefits

Description:

This is an opportunity to join the IERUS team as an Identity and Access Management System Administrator supporting a large Missile Defense Agency program.

The ideal candidate will have an advanced degree and 7+ years experience or bachelor with 9+ years experience or equivalent. Responsibilities will include but are not limited to: deploying and maintaining all directory service types activities, such as active directory domain services/controllers, certificate authorities services, policy tracking/creation, and account management functions in the enterprise.

Required Qualifications:

• BA/BS in Engineering/Computer Science or a related technical discipline, or equivalent experience.
• Must be a US citizen with an active Top Secret clearance with eligibility for SCI and SAP.
• 5-6 years experience with Active Directory technologies in an enterprise-level system.
• Comfortable with creating and modifying group policies for forest-level application.
• Management of Active Directory remote site replication policies and health monitoring.
• Comfortable with using network/system health tracking solutions, such as SolarWinds for monitoring system health for both virtual infrastructure as well as hardware health.
• Experience with writing standard operating procedures (SOP) documentation.
• Deployment and maintenance of all active directory domain services/controllers. This includes monitoring the health and status of all sites and services in the enterprise.
• Deployment and maintenance of all certificate authority (CA) services, including issuing all SSL certificates and building new CA servers in the enterprise.
• Tracking all CA server expiration dates, working with applicable teams to perform a renewal process for existing CA certs when needed.
• Tracking all issued SSL certs for all enterprise enclaves and working with existing administrators to ensure no certificate expiration, potentially impacting services to the C2BMC-G user base.
• Creating and maintaining system policies, such as Windows group policies and Linux authentication PAM rules/files (in concert with the Linux/UNIX team) and tracking any potential issues as they arise on the system.
• Maintenance of all account matrices, including all applicable permissions cross-overs between enclaves when/if needed.
• Work continuously with the cyber team to ensure all RBAC controls are compliant with current policies for restriction access between enclaves and systems in the enterprise for each applicable user/team.
• Assist the cyber team with monitoring all directory services for out-of-the-ordinary logins or account behavior metrics to ensure the safety and integrity of the data of the C2BMC-G system enterprise.
• Work with other teams to deploy and maintain technologies that include collaborative aspects, such as instant message platforms in the enterprise.

Desired Qualifications

• Thorough understanding and Active Directory and its replication structure when used in a distributed forest, separated using WAN links.
• Experience with an on-premise multi-domain environment using Role-based administrative controls (RBAC) for least privilege.
• Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners.
• Ability to integrate automation technologies into daily Active Directory use is a plus.
  
  

Location: Colorado Springs, CO

The proposed salary range for this position is $109.4k - $160.2k. Salaries are commensurate with candidate experience and qualifications within the experience bandwidth, as well as market and business considerations.

IERUS Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

IERUS Technologies participates in E-Verify.