Clearance Requirements: Active TS/SCI clearance and willing to take a Polygraph.
A new, five-year contract award has created the opportunity for Senior Systems Administrator III – Generalist to support our government customer based in Springfield, VA. This position is required to be onsite.
Benefits include 15 days PTO, 11 days Paid Government Holidays, a 401k with 6% matching and an inclusion in our employee profit sharing program.
The Senior Systems Administrator III - Generalist supports the Information Technology (IT) Operations and Maintenance (O&M) Server team to provide enterprise-level, high-performance, highly available, server technology solutions (systems, applications, and services) as the customer’s Enterprise IT System, Applications, and Services catalogs.
Under the guidance of the Principal Systems Administrator, the Senior Systems Administrator will provide O&M support – installation, configuration, securing and hardening, testing, validation, sustainment, upgrading, remediation, and decommissioning – as it relates to enterprise server-based solutions across the IT enterprise’s multi-platform (Microsoft, *nix, etc.) information systems varying in size and complexity (LAN, MAN, WAN, etc.). Existing server-based solutions include a variety of major technology vendors including, but not limited to, Citrix, Esri, McAfee, Microsoft, Red Hat, ServiceNow, and SolarWinds. The majority of enterprise services are hosted on enterprise Microsoft Windows Server implementations, but there are also select stand-ups of Linux distributions as well. A wide and deep range of technical knowledge and experience, as well as the technical aptitude and self-initiative to learn and grow is a must for this position.
The Senior Systems Administrator also supports the mid-to-senior level internal escalation tier(s) for the Server O&M team providing advanced troubleshooting support and guidance to rapidly assess and remediate challenges in the Server System, Application, and Services arena that arise.
The Senior Systems Administrator also produce and maintain documentation of the Server team’s solution system(s), sub-system(s), and component(s) deployed and in use in thecustomer’s IT Solutions portfolio, including as-built documentation, capacity/performance plans, processes and procedures, workflows, run books, and all other area of server system life-cycle planning.
- Shall have 7 or more years of progressive and increasingly complex experience successfully providing O&M support of enterprise server operating systems (OSs) (Windows Server, Red Hat Enterprise Linux, etc.) and server applications and services, such as Microsoft Active Directory (AD), Exchange, File Services, SQL Server, and SharePoint, etc. across multi-platform information systems varying in size and complexity (LAN, MAN, WAN, etc.).
- Shall have 5 or more years of personal and hands-on experience managing and administering a complete Microsoft AD Domain and Forest Functional Level (DFL/FFL) of Windows Server 2008 R2, or higher, to include, but not be limited to, Domain Controllers, Global Catalogs, LDAP/S, Domain Naming Services, and Dynamic Host Configuration Protocol (DHCP). A strong understanding of the workings of AD is a must. Additional experience working with newer DFL/FFL levels (i.e., Windows Server 2012 or higher) is a plus.
- Shall have 5 or more years of experience operating and maintaining solutions in secure processing environments which must adhere to U.S. Government Information Assurance and Security standards such as the Defense Information Systems Agency (DISA) Security Requirements Guides (SRGs) and Security Technical Implementation Guides (STIGs).
- Demonstrated experience leveraging industry and vendor provided product documentation and best practices to successfully deploy, operate, and maintain a variety of enterprise-level Microsoft applications (Exchange, IIS, SharePoint, SQL, etc.) and services (DFS, KMS, PKI, etc.), as well as major third-party software solutions within a production system, with focus on minimizing, and eliminating, if possible, negative end-user impact and/or downtime.
- Familiarity with leveraging scripted technologies, such as Microsoft PowerShell, PowerShell on Linux, Batch, VBScript, etc., to automate and orchestrate routine, as well as complex O&M duties and responsibilities, with a focus on maximizing efficiency, consistency, and minimizing the subsequent human error factor of related tasks. Having personal hands-on experience with authoring, testing, troubleshooting, and/or implementing such scripted technologies is a plus.
- Shall meet the Cyber IT/Cybersecurity Workforce (CSWF) System Administrator (451); Intermediate Level for SECNAV M-5239.2 compliance. (See Navy Cool WebSite).
- Bachelor’s degree from accredited University; or
- CNSSI/NTSSI 4015-Systems Certifiers/4016-Risk Analysts; or
- CompTIA Security+ ce; or
- GIAC Security Essentials Certification (GSEC); or
- Systems Security Certified Practitioner (SSCP)
- Strongly desired to be Microsoft Certified Solutions Associate (MCSA): Windows Server 2016 and Global Information Assurance Certification (GIAC) Certified Windows Security Administrator (GCWN) certified. Microsoft Certified Solution Expert (MCSE): Core Infrastructure certified is most desired.
- Technical certifications in other enterprise-level OSs, applications, and technologies, such as Citrix, Cisco, Microsoft, Red Hat, Splunk, and SolarWinds are also a plus.
- Strongly desired to have experience working with newer core Microsoft enterprise Server technologies to include AD, Windows 10, Windows Server 2016, Microsoft SQL Server 2016, and Microsoft IIS 10. Additional experience working with these products on the Windows Server Core offering is a plus.
- Demonstrated experience implementing, operating, and maintaining Microsoft-based High-Availability (HA) Server technologies, such as Network Load Balancing (NLB) and Windows Failover Clusters (WFC), and Application-specific technologies, such as Microsoft Exchange Database Availability Groups (DAGs), Microsoft Internet Information System (IIS) Application Request Routing (ARR) Web Farms, and/or Microsoft SQL Server Always-on Availability Groups.
- Demonstrated experience implementing, configuring, securing, operating, and maintaining enterprise solutions to meet vendor and industry information security (INFOSEC) guidance and best practices, DISA SRG/STIG, information assurance (IA) compliance and governance demands, such as the use of cryptography to satisfy Data-at-Rest Encryption (DARE) and Data-in-Flight Encryption (DIFE) requirements.
- Demonstrated experience receiving and reviewing notice of INFOSEC vulnerabilities, issues, and/or problems, research acceptable solutions, presenting the solution for customer acceptance, and implementation to remediate INFOSEC findings within predefined timeframes across multiple platforms, applications, and/or services.
- Demonstrated experience providing mentorship and On the Job Training (OJT) to junior and/or lesser experienced team members.
- Working knowledge and/or experience using Microsoft System Center Configuration Manager (SCCM) for the purposes of conducting Microsoft Windows end-point baselining, inventorying, patching and updating, and software metering across a globally dispersed enterprise Wide Area Network (WAN). Experience configuring and/or building SCCM Device Collections, Applications, Deployment Packages, and/or Software Update Groups is a plus.
- Working knowledge and/or experience performing advanced troubleshooting techniques, methodologies, processes and practices to quickly identify and assess an issue, develop the strategy to resolve the issue, implement the resolution, and restore the degraded entity to an operational state all while maintaining concern for the original configuration and the overall Information Security (INFOSEC) posture of the environment.
- Working knowledge and/or experience using Microsoft AD Certificate Services (ADCS) to provide enterprise production Public Key Infrastructure (PKI) services to end-points, applications and services, and users for the various common purposes - Server Authentication, Client Authentication, Encryption, Code Signing, Digital Certificate. This should include experience administering and working with Certificates and installation and configuration of those certificates in the solutions.
- Working knowledge and/or experience using Microsoft Exchange in a dispersed configuration to minimize, if not eliminate, single points of failure in the server roles and service offerings, to maximize availability, reliability, and resiliency. Experience working with Microsoft Exchange 2010 or newer is a plus.
- Working knowledge and/or experience using Microsoft Office SharePoint Server (MOSS) and Outlook Web Apps (OWA) to provide an enterprise platform to share and manage content, knowledge, and applications to empower teamwork, quickly find information, and seamlessly collaborate across the organization.
- Working knowledge of all aspects of enterprise-grade IT solutions across the technology stack: physical, networking, storage, virtualization, servers, applications, and services. Familiarity with and/or experience administering on-premises Windows Server Update Services (WSUS) servers, to include downloading, exporting, and importing of metadata and update content when the WSUS server is completely disconnected from the internet (i.e. air gapped) for the purposes of hosting the update repository for Microsoft SCCM.
- Familiarity with and/or experience using Microsoft Distributed File Services (DFS) Namespaces (DFS-N) and Replication (DFS-R) to provide domain-based common file services access, configuration, and protection, to include off-site replication of business and mission critical data.
- Familiarity with and/or experience using Microsoft Volume Activation Services, both AD-based Activation (ADBA) and Key Management Services (KMS), for Windows OS and Microsoft Office product offerings.
- Familiarity with and/or experience using McAfee ePolicy Orchestrator, Management for Optimized Virtual Environments (MOVE), and VirusScan Enterprise for Storage (VSES) for the purpose of satisfying IA/INFOSEC end-point anti-virus, threat, firewall, and web control is a plus.
- Familiarity with and/or experience using the SolarWinds Orion Platform (NPM, NTA, NCM, IPAM, UDT, NTM, DPA, SAM, etc.) for the purpose of enterprise-wide centralized entity performance, configuration, capacity, and availability monitoring is a plus.
- Familiarity with and/or experience providing server and/or desktop O&M support within Virtual Desktop Infrastructure (VDI) implementations are desired. Specific experience working with Citrix Virtual Apps and Desktops (formerly XenDesktop) hosted offerings is a plus.
- Familiarity with IT Networking technologies, concepts, and approaches to routing and switching, TCP/IP, traffic analysis, packet capturing and analysis, and traffic flow is a plus.