-
Senior PKI Engineer
- SAIC (Washington, DC)
-
Description
The Senior PKI Engineer will support implementation and design of DOT’s refresh solution, KeyFactor, and The candidate will support implementation and design services for Microsoft Active Directory certificate services and KeyFactor. The candidate will serve as subject matter expert for PKI, smart card authentication, and identity services for the Active Directory Services Team for on-premises Active Directory, and Entra ID. The candidate will provide support for Windows-based systems across the enterprise, including directory and identity management solutions. Resolves and appropriately completes assigned tasks and change requests and acts as an escalation for support issues. Applies new solutions through research and collaboration with team and determines course of action for new application initiatives. Implements new software solutions as required by the business. The core infrastructure technology duties include enterprise Microsoft Active Directory, Microsoft Certificate Services, policy configuration, and top-level support for enterprise-wide initiatives.
JOB DESCRIPTION AND DUTIES:
+ Fulltime onsite requirement at DOT HQ, Washington DC.
+ Once every 2-3 months support server infrastructure in a 24x7 on-call escalation capacity as part of a team rotation.
+ Performs day-to-day activities required to assist and identify technology solutions that meet enterprise requirements.
+ Maps functional requirements into technological requirements and identifies technologies that meet the technological requirements.
+ Conducts proof of concept, pilots and demos for the purposes of evaluating the suitability of given technologies for meeting requirements.
+ Evaluates the tradeoffs between competing solutions and develops quantitative driven analysis of alternatives.
+ Produces written analysis of research and recommendation papers that clearly describe the process followed, alternatives considered, evaluation criteria and rationale for recommendation and need for improvement.
+ Provide enterprise-level support for Active Directory for global initiatives following those through to implementation via collaboration with project and support teams.
+ Lead point of contact for certificate services including issuances, renewals, and management functions; maintain Certificate life-cyle and on-demand and periodic reporting on enterprise and solution certificate status.
+ Research, evaluate, and provide solution recommendations for current PKI capability and opportunities for enhancements.
+ Support engineering, design, implementation, and operations support of PKI-solution.
+ Serves as escalation point for PKI and active directory support and troubleshooting, provides guidance and direction in resolution of escalated issues and/or complex production, application, or system problems.
+ Create and maintain system documentation for domain and PKI technologies, including installation, configuration, and appropriate troubleshooting steps.
+ Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
+ Perform daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems, and key processes, reviewing system and application logs, and verifying completion of scheduled jobs.
+ Install, configure, and maintain Active Directory and third-party software utilities for hardware systems within company operational guidelines.
+ Create and maintain system documentation for domain technologies, including installation, configuration, and appropriate troubleshooting steps.
+ Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
+ Provide training as required.
+ Maintain and update environmental documentation, standard Operating Procedures, and engineering documentation.
+ Collaborate with Lead to identify, assess, and present solution options for meeting the functional and technical requirements, which may include hardware and/or software.
+ Performs security hardening, patching and server certificate updates.
+ Develops documentation for System Installation Plans and System Administration Guide.
+ Perform other tasks as directed by Lead Engineers or Project Manager.
Qualifications
REQUIRED EDUCATION AND EXPERIENCE:
+ Must have a minimum of 8 years of related experience providing business solutions engineering support, to include architectural design, engineering design, proof of concept development, pilots, analysis, results, and documentation.
+ Must have extensive knowledge of multi-vendor server operating systems.
+ Must have extensive experience and expertise with KeyFactor including implementation, operations, and maintenance.
+ Must have knowledge of multiple certificate technologies including Entrust/Sectigo, SSL.com, DigiCert, etc.
+ Demonstrated experience in all aspects of enterprise Windows environment operations and maintenance (O&M) and engineering.
+ Active Directory architecture and management [expert-level].
+ PKI, HSM’s, PIV cards, Smart Cards [expert-level].
+ Multi-Factor Authentication- Active Directory Federation Services (ADFS), SAML, SSO [expert-level].
+ Knowledge in creating, administering, and troubleshooting Group Policies (GPOs) [expert-level].
+ Windows Certificates Services Management [expert-level].
+ Scripting Experience: PowerShell and VBScript, and/or other scripting experience [senior level].
+ Windows Server Operating Systems (Server 2016 to 2022) [expert-level].
+ Develops security standards and controls per DISA STIGS and CISA requirements [senior level].
+ Experience with performing root cause analysis, risk identification, and risk mitigation.
+ Interpersonal skills including the ability to collaborate effectively.
+ Demonstrated experience in a fast tempo ITSM support environment.
+ _U.S. citizen or green card holder who has resided in the U.S. for at least 3 years and the ability to obtain a public trust._
PREFERRED SKILLS AND QUALIFICATIONS:
+ Expert level experience with Azure Active Directory.
+ Microsoft Certification(s) including Windows Server Hybrid Administrator Associate, Endpoint Administrator Associate, Azure Fundamentals, Azure Administrator Associate, MS365 Certified Administrator Expert, MCSE/MCSA (retired).
+ Cloud certification including AWS/Azure Solution Architect, AWS SysOps Administrator.
+ Ansible experience is a plus.
+ Any additional professional IT or Project Management certifications.
+ Knowledge of KeyFactor-PKI preferred.
+ Knowledge of SailPoint and/or CyberArk preferred.
+ Strong experience with Windows Failover Clustering, and HA/DR planning and execution.
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
REQNUMBER: 2510736
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability
-
Recent Jobs
-
Senior PKI Engineer
- SAIC (Washington, DC)
-
Sr. Specialist Manufacturing Engineer (Operations Integrator)
- L3Harris (Huntsville, AL)
-
Associate Staff Analyst
- City of New York (New York, NY)
-
Retail District Manager
- Acosta Group (Chicago, IL)