- 
        Sr Principal Sys Admin - Identity & Access Mgmt…
- Northrop Grumman (Colorado Springs, CO)
- 
             RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: Top Secret TRAVEL: Yes, 10% of the Time Description At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Space Systems—Launch and Missile Defense Systems presents an excellent opportunity for a Sr Principal Systems Administrator – Identity & Access Mgmt Systems Administrator (25-441) to join our team of skilled and diverse professionals. Located at Schriever Space Force Base in Colorado Springs, CO, this position plays a crucial role in supporting the U.S. President, the Secretary of Defense, and combatant commanders at strategic, regional, and operational levels. This position does not offer relocation assistance and requires on-site work with no remote options. Position Overview: The Command and Control, Battle Management, and Communications (C2BMC) program is a vital part of the Missile Defense System. It provides a crucial operational platform that allows the U.S. president, the secretary of defense, and combatant commanders at strategic, regional, and tactical levels to systematically plan missile defense operations, monitor battle progress, and actively manage networked sensors and weapon systems to achieve global and regional mission objectives. C2BMC offers a layered missile defense capability, delivering an optimized response to threats across all ranges and flight phases. It serves as a force multiplier by connecting, integrating, and synchronizing autonomous sensor and weapon systems and operations both worldwide and locally to improve overall performance. Additionally, C2BMC is an essential component of all ground and flight tests that verify and demonstrate the missile defense system's current and future capabilities. This individual is responsible for deploying and maintaining all types of directory services, including Active Directory Domain Services/controllers, Certificate Authority services, policy tracking and creation, and account management functions within the enterprise. They must be detail-oriented and capable of tracking how events and actions affect the underlying infrastructure, such as replication schedules and group policies. Additionally, this person handles scrum master duties within the Agile framework for a small team. Essential Functions: + Deployment and maintenance of all Active Directory domain services and controllers, including: + Monitoring the health and status of all sites and services within the enterprise, as well as the deployment and maintenance of all certificate authority (CA) services + Issuing SSL certificates and setting up new CA servers within the enterprise + Tracking expiration dates of all CA servers and collaborating with relevant teams to renew existing CA certificates when necessary + Creating and maintaining system policies, such as: + **Windows** group policies + **Linux** authentication PAM rules/files (in concert with the Linux/Unix team) + Tracking any potential issues as they arise in the system + Maintenance of all account matrices, including all relevant permission crossovers between enclaves when necessary + Continuously collaborate with the cyber team to ensure all RBAC controls comply with current policies for restricting access between enclaves and systems in the enterprise for each applicable user or team + Assist the cyber team in monitoring all directory services for unusual logins or account activity metrics to ensure the integrity and safety of the data in the C2BMC-G system enterprise + Collaborate with other teams on deploying and maintaining technologies that involve collaborative features, such as instant messaging platforms within the enterprise + Work with the whole team to ensure that distributed authentication services are correctly set up to ensure non-repudiation across all sources, including: + Assisting with LDAP service configuration for the network/software solution to ensure RBAC access for the user base. + Examples of LDAP/LDAPS connected endpoints configuration could be things like **HPE iLO interfaces** , **Gitlab** , **Cisco ISE** , **FortiManager** , **Raritan KVM** , etc. + Thorough understanding of Active Directory and its replication structure when used in a distributed forest, separated by WAN links + Experience with an on-premises multi-domain environment utilizing **Role-Based Administrative Controls** (RBAC) for the least privilege + Experience with **DISA STIG** compliance remediation using distributed group policy and SCAP compliance scanners Basic Qualifications: Please list your current security clearance and IAT or relevant certifications on your resume, if applicable. + A Bachelor’s Degree in Computer Science, Computer Information Systems, Information Technology, Management Information Systems, Engineering, Mathematics, Physics, or a related field from an accredited university is preferred, along with 8 years of experience; or a Master’s degree (preferred) in a related field with 6 years of relevant work experience; or 12 years of relevant work experience as an alternative to a degree may be considered + Applicants must have a current, active in-scope DoD-issued **Top Secret** security clearance at the time of application, which is required to start with eligibility to be cleared at SCI and SAP security clearance + Applicants must have a current active DoD 8140 certification at **IAT Level II or higher** (such as Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA, etc.), which is required to start Preferred Qualifications: + A current, active in-scope DoD-issued **TS/SCI and SAP** security clearance at the time of application is highly desired + Ability to incorporate automation technologies into daily Active Directory use is a plus What We Can Offer You: Northrop Grumman offers a comprehensive benefits package and a work environment that promotes your growth, supporting both employees and the company's success. The benefits provided by Northrop Grumman offer flexibility and control, allowing you to select options that best fit your needs and those of your family. Your benefits will include the following: + Health Plan + Savings Plan + Paid Time Off + Education Assistance + Training and Development + Flexible Work Arrangements https://benefits.northropgrumman.com/us/en2/BenefitsOverview/Pages/default.aspx \#NGSpace \#COSpace \#NGFeaturedJobs \#C2BMC Additional Northrop Grumman Information: Primary Level Salary Range: $113,500.00 - $170,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions. 
 
 
- 
        
Recent Jobs
- 
                
                    Sr Principal Sys Admin - Identity & Access Mgmt Sys Admin (25-441)
                
                - Northrop Grumman (Colorado Springs, CO)
- 
                
                    Director of Carbon Engineering (Onsite)
                
                - RTX Corporation (Pueblo, CO)
- 
                
                    Data Modeling Java Engineer
                
                - Citigroup (Tampa, FL)