Senior Systems Engineer (Microsoft Active Directory)

We are seeking a Senior Systems Engineer (Microsoft Active Directory) in Washington, DC. Position: Senior Systems Engineer (Microsoft Active Directory) Location: Washington, DC. Type: Full-time Job Description Responsible for managing Active Directory Domain Services, Group Policy Administration, Active Directory Certificate Services, Active Directory Federation Services and Azure Active Directory Facilitate Active Directory administrative tasks, integration needs, and business requirements. Create, implement, manage, and maintain Security and Delegation Model that uses AD role-based administration. Document and test AD Domain Controllers disaster recovery procedures. Maintain Azure AD. Maintain Federation Services. Create advanced monitoring strategies for monitoring and reporting the health of Active Directory components. Be available to all information technology groups of a large enterprise, both within IT operations as well as in other IT divisions to help and facilitate the integration or support of the Active Directory and Microsoft Enterprise Services. Provide strategies for maintaining a secure Active Directory environment. Continually monitor environment to ensure best practices and Federal guidelines are being followed. Develop scripts and programs that incorporate ''AI'' like features to monitor and maintain Active Directory and its components. Develop policies and standards for how Active Directory objects such as Groups and Organizational Units should be created, named, and maintained. Generate usage reports of components of AD like LDAP, NTLM, Kerberos, etc. Provide point in time audit reports of different types of AD objects. Create and maintain support documentation, asset inventory, and technical drawings of the enterprise infrastructure. Work closely with desktop and server administrators to structure and define appropriate Group Policy, scripting, related to directory hierarchy, objects, and structure. Collaborate with Information Security Division to mitigate vulnerabilities, define and implement security policies, and support internal PKI/certificate management process. Design, implement, and maintain Privileged Access Workstation for accessing Domain Controllers and other mission critical enterprise servers Possess deep understanding of common types of Active Directory based exploits such as PtH attacks and Group Policy based exploits.

Created: 2021-11-29