View all jobs

Identity & Access Management (IAM) Administrator (ITSSS - D.C.)

Washington, D.C.
Identity & Access Management (IAM) Administrator
FBI Headquarters, Washington, DC
Top Secret – SCI (Clearance FAQs HERE)
ATSG Corporation prides itself on our proven dedication to providing expert assistance to our government partners—without any surprises. We work hard to honor our commitment to our clients while ensuring our employees feel secure and empowered in their work. We take excellent care of our team, so they may have the freedom and confidence to focus on their missions and provide nothing but the best output on the work site and at home.
The company provides a variety of services within the Intelligence Community. Our products may be diverse, but the results are one and the same—on schedule, on budget, and completed with superior quality. We are experienced in areas such as Mobility, Enterprise Architecture, Data Processing, Law Enforcement Mission Support, and Acquisition Support. As an organization, we are consistently expanding our footprint in the contracting community.
We are presently identifying candidates for the following position: Identity & Access Management (IAM) Administrator . We are presently seeking an Identify and Access Management Administrator with an active Top-Secret Clearance w/ SCI to join the Information and Technology Branch (ITB) Information Technology Infrastructure Division (ITID) at the Federal Bureau of Investigation in Washington, DC. The FBI ITB ITID mission includes the provision of comprehensive information technology services to all FBI personnel assigned to the FBI Headquarters, J. Edgar Hoover Building (FBIHQ) in Washington, D.C., Field Offices (FOs), Resident Agencies (RAs), and Legal Attaché (LEGAT) located overseas.
In support of this mission, ITID is responsible for the management and support of the FBI’s IT infrastructure. Part of this infrastructure includes systems operating on four (4) enclaves (BlackNet, Unclassified, Secret, and Top Secret/Sensitive Compartmented Information), as well as the underlying facilities and transports to support them.
Required Qualifications—
  • Top Secret – SCI – this position does not allow the time needed to adjudicate a new clearance. Qualified candidates will already possess the required clearance.
  • Experience supporting authentication services including firewall and web services, Kerberos constrained delegation, and single sign on.
  • Possess a broad understanding of web services including troubleshooting internal and external sources. Must include an understanding of protocols for web traffic, troubleshooting, and diagnosing of connectivity issues.
  • Experience working in Microsoft Windows Server operating system 2016 or earlier including Active Directory.
  • Experience using Microsoft Active Directory Services at the Tier 3 level.
  • Experience managing customer calls, service tickets, advanced systems administration, account creation, and permissions; group policy management and automated scripting beneficial.
  • Experience using Microsoft Forefront Identity Manager (FIM), Microsoft Identity Manager (MIM), Microsoft Forefront Unified Access Gateway (UAG), Microsoft Forefront Threat Management Gateway (TMG) within a single enclave, and Web Application Proxy (WAP).
  • Understand the basics of Firewalls including endpoints, access, policy publishing to include troubleshooting connectivity issues in complex scenarios with consideration of the outward lying network technologies.
  • Experience with High Availability systems including general concepts of arrays, load balancing, and replication.
  • Experience with Lightweight Active Directory Protocol (LDAP) and Secure Lightweight Active Directory Protocol (LDAPS).
  • General understanding of Structured Query Language (SQL); PowerShell expertise beneficial.
Preferred Qualifications—
  • General understanding of Public Key Infrastructure (PKI) and certificate services.
  • General understanding of RSA management and support.
  • Self-starter, able to manage multiple tasks efficiently for on-time delivery.
  • Strong oral and written communication skills, including presentation skills and experience communicating with technical and non-technical audiences.
  • Provide guidance regarding changes to the AD schema.
  • Manage and maintain standardized Organizational Units (OU) in AD.
  • Manage and maintain AD custom attributes and security groups.
  • Manage AD sites and subnets, including site replication.
  • Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff, consistent with job requirements (i.e. workstation, server, common Microsoft products such as Exchange, SharePoint and other group policies as requested).
  • Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected and understand the effect of any change to group policy.
  • Manage the AD database, System Volume (SYSVOL).
  • Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
  • Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools (i.e. Dell Active Administrator, Change Auditor, and Recovery Manager).
  • Follow FBI Change Management Policy when changing the FBI IT infrastructure.
  • Share knowledge with other members of the full AD team, regardless of whether other members are FBI employees or contractors of this or another contractor.
  • Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts.
  • Provision, modify, and deprovision user and administrator accounts on the four (4) enclaves upon receipt of approved access or deprovisioning request, based upon location, role, or both. Accounts shall be provisioned/modified/deprovisioned within five (5) days of receipt or date specified in the request, whichever is later. MDSU is currently receiving an average of 165 requests daily. As part of this process, the Exchange mailboxes are also created.
  • Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
  • Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
  • Support personnel moves by migrating user profiles and data to data stores associated with new location.
  • Manage and maintain delegation of permissions.
  • Follow FBI policy and procedures for account management to create, modify, or delete accounts and account permissions.
ATSG Benefits & Perks—
  • We offer a QUICK and EASY application process!
  • Medical, Dental, & Vison Insurance Available
  • Our Medical Insurance Plan offers Virtual Visits (through AmWell and MDLIVE) that can be done via your smartphone, tablet, or computer without leaving your home or office- for addressing a wide range of minor conditions!
  • Paid Federal Holidays
  • Paid Personal Time Off (PTO) & Sick Time Off (STO)
  • Life and Disability Benefits
  • Flexible Spending Accounts (FSAs) & Health Savings Accounts (HSAs)
  • Retirement Benefits: Fully Vested 401(k) Plan
  • Voluntary Benefits such as Legal Resources, AFLAC, VPI Nationwide® Pet Insurance (because our fur-babies are family, too!), & Continuing Education Assistance.
*Candidates are encouraged to submit a .doc or .docx resume that explicitly addresses each of the requirements listed above.
As an Equal Opportunity Employer, our applicants and employees are protected from discrimination. Visit http://bit.ly/FederalEEO for more information.
Equal access to programs, services and employment is available to all persons. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Recruiting Team.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals on the basis of protected veteran status or disability and require affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans and individuals with disabilities.
To comply with Federal law, ATSG Corporation participates in E-Verify.  Successful candidates must pass the E-Verify process after hire.
We respectfully request not to be contacted by recruiters and/or staffing agencies.
Powered by