Full Time Employee Contractor
District of Columbia
Active Directory Engineer
CGI Federal is looking for an Active Directory Engineer with a strong background in Active Directory and PIV enablement to provide subject matter expertise to a government agency in moving to strong authentication using PIV cards. The individual will work on a small team performing an analysis of the client's current FICAM capabilities, providing recommendations for configuring Active Directory for PIV access and working with the client to implement the new configurations, including testing and assisting with security plans. This person will be working extensively with the client during the analysis and roll-out phases of the program.
- Analyze Active Directory architecture and settings and identify gaps
- Perform identity data correlation and provide reports to client
- Work with clients to update data in Active Directory
- Contribute to preparing "runbooks" with instructions and settings for agency systems administrators
- Customize PowerShell scripts to perform data sanitation, configuration and GPO policies
- Develop and maintain repeatable processes documents that govern the installation, configuration, administration and maintenance of identity authorization processes
- Will work at various federal client sites throughout the DC metro area
- Bachelor's degree and 7+ years of related experience
- 3+ years experience with configuring and managing Active Directory and Group Policy Objects, including design, configuration and deployment
- Knowledge of HSPD-12/PIV/CAC, FIPS 201, FICAM, NIST SP 800-53, FISMA, NSTIC and other federal ICAM-related directives, standards and mandates
- Proficiency in PowerShell scripting
- Unix server administration experience
- Experience implementing Public Key Infrastructure (PKI) with Active Directory
- 2+ years experience supporting authentication protocols (Kerberos, SAML, OAUTH, LDAP, etc.)
- Strong communication skills to interact with IT staff and stakeholders
- CISSP certification a plus
- Certified Authorization Professional (CAP) certification
- Microsoft Certified System Engineer
- Experience with enterprise identity management products
- Familiarity with ADFS, Kerberos, NTLM, OAuth, SAML, and other authentication methods
- Ability to work within a team environment with a solid work ethic
- Familiarity with SailPoint, RadiantLogic and Centrify
- Strong written and oral communications skills
- Ability to work both independently and with a team to solve problems
- Initiative to quickly learn and put new skills to use
- Ability and initiative to set goals and execute
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary depending upon specific assignment, or upon any US government security clearance if required. Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender Identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI?s legal duty to furnish information.
To apply for this job, contact: