- 
        Enterprise Directory Services - Remote
- NANA Regional Corporation (South Burlington, VT)
- 
             The Enterprise Directory Services SME provides deep technical leadership and strategic guidance for USCIS’s directory services infrastructure. The SME is responsible for designing, implementing, maintaining, securing, and modernizing enterprise directory services (such as Active Directory & related identity store systems) to support strong authentication, authorization, and identity management across the USCIS enterprise. The SME ensures the directory environment is reliable, scalable, secure, and aligns with federal and DHS/USCIS policies. Responsibilities + Lead the design, administration, and optimization of enterprise directory services (e.g., Microsoft Active Directory, AD FS, AD LDS, LDAP directories, Azure AD, hybrid directory environments). + Oversee directory service operations: domain/forest architecture, tree structure, schema design, group policy, domain controllers, replication, global catalog, trust relationships, DNS/DHCP integration. + Manage identity lifecycle integration: onboarding/offboarding, account provisioning/deprovisioning across enterprise applications leveraging directory services. + Ensure high availability, disaster recovery, redundancy, and fault tolerance for directory services. + Troubleshoot and resolve complex directory service issues: authentication problems, replication failures, trust issues, group policy conflicts, schema extensions, latency, performance bottlenecks. + Lead modernization and migration initiatives (e.g. domain/forest consolidation, directory upgrades, cloud integration, directory as a service, or moving parts of identity to Azure AD or hybrid cloud). + Architect and enforce security standards for directory services: least privilege, secure administrative practices, privileged access management, hardening of domain controllers, role separation, logging and auditing. + Collaborate with Security, IAM/ICAM/Identity teams, Network, Infrastructure, Application, and Cloud teams to integrate directory services with broader enterprise identity and access management, authentication/authorization systems, SSO, MFA, certificate services etc. + Maintain documentation: directory topology, policies, procedures, standard operating procedures (SOPs), emergency recovery plans, schema change management, configurations. + Provide expert guidance on directory-sizing, capacity planning, patching/upgrades, and domain controller life cycle management. + Support compliance efforts with NIST, FISMA, DHS policies, and any USCIS / federal mandates relevant to identity and directory services. + Mentor junior directory administrators and engineers; provide knowledge transfer. + Participate in architecture review boards, change control boards for any changes to directory services. Qualifications + U.S. Citizenship; must satisfy DHS/USCIS suitability or security clearance requirements. + Bachelor’s degree (Computer Science, Information Systems, Cybersecurity, or related field). Advanced degree a plus. + Substantial experience (often 7-12+ years) working with directory services in large, complex enterprise environments. + Deep expertise in Microsoft Active Directory (AD DS), AD FS, AD LDS, Azure AD/Azure AD Connect, hybrid directory infrastructures. + Strong knowledge of group policy design, DNS, domain/forest functional levels, replication and trust relationships. + Experience with schema management, directory upgrades, migrations, forest/domain consolidations. + Proven experience securing directory services: hardening domain controllers, applying patches, managing privilege elevation, auditing/logging. + Good scripting/automation skills (PowerShell, etc.) to manage directory tasks, monitoring, maintenance, and deployments. + Strong analytical/problem-solving and troubleshooting skills. + Excellent communication skills, both technical and non-technical; ability to produce documentation and briefing materials. Preferred / Desirable Skills: + Certifications such as Microsoft Certified: Identity and Access Administrator, MCSA/MCSE, or equivalent. + Experience with third-party directory or identity services tools (e.g. LDAP systems, non-Microsoft directories). + Hands-on experience with cloud-based directory and identity services (Azure AD, AWS Directory Service, etc.). + Experience integrating directory services with application authentication (SSO, OAuth, SAML, etc.). Job ID 2025-19841 Work Type On-Site Company Description Work Where it Matters Truestone, an Akima company, is not just another federal lifecycle solutions contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska. At Truestone, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States. **For our shareholders** , Truestone provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years. **For our government customers** , Truestone delivers everything from requirements and design to operations, logistics, and support at every lifecycle stage for complex systems and networks. **As a Truestone employee** , you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options. We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, or have known limitations related to pregnancy, childbirth, or related medical conditions, and would like to request a reasonable accommodation for any part of the employment process, please contact us at [email protected] or 571-353-7053 (information about job applications status is not available at this contact information). 
 
 
- 
        
Recent Searches
- Field Service Engineer Apprentice (California)
- Security Officer Access Control (Texas)
- Program Manager Call Center (Kansas)
- Deputy Program Manager Call (Kansas)
Recent Jobs
- 
                
                    Enterprise Directory Services - Remote
                
                - NANA Regional Corporation (South Burlington, VT)