**Req ID:** RQ209981
**Type of Requisition:** Regular
**Clearance Level Must Be Able to Obtain:** None
**Public Trust/Other Required:** None
**Job Family:** IT Infrastructure and Operations
**Skills:**
Access Management,Identity Governance,Public Key Infrastructure
**Certifications:**
Project Management Professional (PMP) | Project Management Institute (PMI) - Project Management Institute (PMI)
**Experience:**
10 + years of related experience
**US Citizenship Required:**
Yes
**Job Description:**
Looking for an SME in the following fields:
+ Microsoft AD Certificate services and other PKI technologies
+ Core MS products like SCOM and SCCM, Intune for managing Windows architecture
+ Microsoft Entra and related suite of applications around identity and application governance.
+ Modern authentication and authorization protocols and implementation
**Essential Duties and Responsibilities**
+ Be the SME for any PKI related questions beyond MS ADCS.
+ Maintain, upgrade and monitor MS ADCS and related components like KMS and HSM
+ Manage Active Directory Domain Controllers and provide ongoing recommendations for AD hardening
+ Manage Entra ID and supporting infrastructure e.g conditional Access policies, Intune policies, Identity governance, Entra Connect
+ Investigate and apply remediations for detected vulnerabilities as applicable.
+ Setup and respond to standardized alerts, perform regular log analysis, monitor and maintain systems to identify any issues. Maintain overall system health to maximize system uptime and ensure delivery of service level objectives.
+ Work with other SMEs to resolve application problems. Provide support for restoration of service and perform root cause analysis. This could extend to working across teams as needed.
+ Respond to Tier2 and Tier3 customer support tickets and requests. Provide on-call support, assist project, development, security, and operations teams as required.
+ Develop, document, and implement PowerShell scripts for efficient management of the PKI and Active Directory environment and recurring report requests.
+ Provide technical consultation on current and proposed systems to other departments and clients. Knowledge transfer to other non-SME's within the team.
+ After hours support may be required due to operational tempo. Candidate should expect to participate in on-call support and be available for short notice call in.
+ Develop documentation for assigned projects including installation guides, troubleshooting guides, procedures, etc.
+ Guide the Identity teams on emerging technological innovation around Identity and security.
**Skills/Experience Requirements**
+ Ten+ years of MS ADCS, Active Directory and Windows experience with expert level troubleshooting skills. This includes NDES and SCEP deployments and integrating with Intune.
+ Ten+ years of HSM / KMS experience.
+ Expert level understanding of Cryptography and PKI.
+ Expert level understanding of Personal Identity Verification (PIV) cards and Virtual Smart Cards including integrating with identity directories for MFA.
+ Ten+ years of domain admin / enterprise admin level operational expertise of AD
+ Five+ years of Experience with administration of IAM in Azure and/or AWS. Expert level knowledge of all current Entra offerings that align with Entra Identity. Eg
+ High levels of knowledge of Networks, Firewalls, Load Balancers, DNS desired.
+ Ability to work independently and within a team environment absolutely necessary.
+ Excellent communication and customer service skills
**Education Requirements**
Bachelor's degree in information technology or equivalent experience
The likely salary range for this position is $131,750 - $178,250. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee's date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans