MKS2 Technologies · 2 months ago
Identity and Access Management System Administrator
MKS2 Technologies, LLC is an award-winning small business focused on innovative technology solutions in Cyber Security and IT Support Services. They are seeking an Identity and Access Management System Administrator to manage enterprise directory services, including Active Directory and certificate authority services, while also serving as a Scrum Master for an Agile team.
Cyber Security · Information Technology · Software
Responsibilities
Deployment and maintenance of all Active Directory domain services/controllers. This includes monitoring the health and status of all sites and services in the enterprise.
Deployment and maintenance of all certificate authority (CA) services, including issuing all SSL certificates and building out new CA servers in the enterprise. This includes tracking all CA server expiration dates and working with applicable teams to renew existing CA certificates when needed.
Creation and maintenance of system policies, such as Windows group policies and Linux authentication PAM rules/files (in concert with the Linux/Unix team), and tracking any potential issues as they arise on the system.
Maintenance of all account matrices, including all applicable permission crossovers between enclaves when/if needed.
Continuously working with the cyber team to ensure all RBAC controls comply with current policies restricting access between enclaves and systems in the enterprise for each applicable user/team.
Assisting the cyber team with monitoring all directory services for out-of-the-ordinary logins or account behavior metrics to ensure the data integrity of the program's enterprise system.
Working with other teams to deploy and maintain technologies that include collaborative aspects, such as instant messaging platforms in the enterprise.
Working with all teams to ensure distributed authentication services are configured properly to ensure non-repudiation to all available sources. This can include assisting with the configuration of LDAP services for network/software solutions to ensure RBAC access for the user base. Examples of LDAP/LDAPS-connected endpoints include HPE iLO interfaces, GitLab, Cisco ISE, FortiManager, Raritan KVM, etc.
Thorough understanding of Active Directory and its replication structure when used in a distributed forest separated by WAN links.
Experience with an on-premises multi-domain environment using role-based administrative controls (RBAC) for least privilege.
Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners
Ability to integrate automation technologies into daily Active Directory use is a plus
Qualification
Required
Deployment and maintenance of all Active Directory domain services/controllers. This includes monitoring the health and status of all sites and services in the enterprise.
Deployment and maintenance of all certificate authority (CA) services, including issuing all SSL certificates and building out new CA servers in the enterprise. This includes tracking all CA server expiration dates and working with applicable teams to renew existing CA certificates when needed.
Creation and maintenance of system policies, such as Windows group policies and Linux authentication PAM rules/files (in concert with the Linux/Unix team), and tracking any potential issues as they arise on the system.
Maintenance of all account matrices, including all applicable permission crossovers between enclaves when/if needed.
Continuously working with the cyber team to ensure all RBAC controls comply with current policies restricting access between enclaves and systems in the enterprise for each applicable user/team.
Assisting the cyber team with monitoring all directory services for out-of-the-ordinary logins or account behavior metrics to ensure the data integrity of the program's enterprise system.
Working with other teams to deploy and maintain technologies that include collaborative aspects, such as instant messaging platforms in the enterprise.
Working with all teams to ensure distributed authentication services are configured properly to ensure non-repudiation to all available sources. This can include assisting with the configuration of LDAP services for network/software solutions to ensure RBAC access for the user base. Examples of LDAP/LDAPS-connected endpoints include HPE iLO interfaces, GitLab, Cisco ISE, FortiManager, Raritan KVM, etc.
Thorough understanding of Active Directory and its replication structure when used in a distributed forest separated by WAN links.
Experience with an on-premises multi-domain environment using role-based administrative controls (RBAC) for least privilege.
Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners
5-6 years' experience administering Active Directory technologies in an enterprise-level system
EDUCATION: Bachelor's with 9+ or Master's with 7+ or equivalent
LOCATION: Full Time/On-Site at Schriever in Colorado Springs, CO
CLEARANCE REQUIREMENT: Top Secret
DOD 8570 REQUIREMENT: IAT - Level II
Preferred
Ability to integrate automation technologies into daily Active Directory use is a plus
Benefits
Unlimited approved PTO
401k match
Company
MKS2 Technologies
MKS2 is a technology business providing services to the federal government and commercial clients.
Funding
Current Stage
Growth Stage
Company data provided by crunchbase