Senior Windows Engineer in Arlington VA - 5% Signing Reward - IT Solutions On Demand
NOTE: THERE IS NO TIME FOR TRAINING. THE IDEAL CANDIDATE WILL NEED TO MEET THE MINIMUM QUALIFICATIONS DESCRIBED HERE, BE ABLE TO HIT THE GROUND RUNNING ON THE FIRST DAY, AND HAVE SSBI SECRET CLEARANCE. Senior. Windows Engineer position is responsible maintaining and upgrading Windows platforms including ADFS, GPOs, Active Directory (and Domain Controller replication health), Certificate Authority, DNS, DHCP, AWS cloud, O365/Azure, SCOM, patching each of these components, Create reports (usually in PowerShell), as well as supporting Windows OS on over 250 Windows servers across 3 domains (disjoined root and a 1 way trust to TestDev). ADFS piece relates to 30 relying party trusts from in house applications to O365 in a shared tenant. There is also a high demand for scripting solutions for SCCM and for custom reports. Responsibilities ADFS: Maintain 30 relying party trusts, and create more as needed. Also includes knowledge of custom claims rules although those are usually provided by the Service Provider. o Designing/Troubleshooting to O365 and Workspace One (for mobile) * GPOs: Creating any new GPO required as well as updating STIG based on new releases. Many applications require GPO troubleshooting * Active Directory: Creating privileged accounts, and investigating problem ad objects. Many applications also integrate with LDAP which requires Server Ops Support * Certificate Authority: Being able to troubleshoot failing certificate, adding required certificates to GPO/DSPublish, some interaction with Linux Keystores, understanding PIV/CAC/Smart Card authentication. * DNS: Updating DNS entries and troubleshooting any potential DNS errors. * DHCP: manage scopes, understand and tweak a failover relationship, understand replication direction, analyze scopes that are missing ad sites * AWS Cloud: Understand what ports communication happens on as half the environment is behind a strict firewall. * O365/Azure: Although O365 email knowledge is not required, must be able to run azure queries through ECP/Security Compliance Center/ and PowerShell. * SCOM: Create overrides, add subscriptions, create new monitors, understand event log collection monitors,understand APM and its effect on IIS applications (especially SharePoint) * Troubleshoot any windows related error on a server: RDP is failing, a STIG setting is causing a problem, a patch caused a problem with the application, an application's ability to use SSO stopped working. * PowerShell: from getting information on ad objects to running DNS/DHCP queries to scanning shared drives to custom SCCM script deployments, this position extensively uses PowerShell. The ability to write, from scratch, a report to show all disabled users in the last 90 days or to show all DHCP scopes with less than X percent free is required. Qualifications Public Trust (minimum), Secret clearance, TS Clearance preferred * 10+ years' experience in working with PowerShell, Active directory, SaaS, * 3-5 years' experience with Azure, Office 365, OneDrive, Skype for business, SharePoint * Working knowledge of ADFS, AD trust, forest\child domain architecture, AD Sites and Services, AD integrated DNS, Public DNS, LDAP, DHCP, GPO, groups, AD permissions and AD delegation * Working knowledge of Microsoft PKI and OCSP implementations. * Working knowledge of Microsoft Lync. Add users, troubleshoot user login issues and understanding SIP Desired Qualifications: * Working knowledge of Office 365 management tools * Experience with Microsoft System Center * Technical written & verbal communication skills (technical writing) * VMware ESX /5.5/6.0/6.5 * Advanced knowledge of systems engineering principles, methods, and techniques. * Knowledge of the associated hardware, software, and equipment.