View all jobs

FBI Identity & Access Management System Administrator

Washington, DC · Computer/Software

Identity & Access Management System Administrator (FBI)

Location: Washington, DC 20535
Work Type: Full-time, 40 hours per week
Remote Work: No
Travel: No

Job Description

ATSG is presently identifying candidates for the following position: Identity & Access Management Systems Administrator with an active Top-Secret/Secret Compartmental Information (TS/SCI) security clearance to join ATSG's team providing services to the FBI's Information and Technology Branch (ITB) Information Technology Infrastructure Division (ITID) Collaboration & Compliance Section (CCS) Messaging and Directory Services Unit (MDSU). MDSU provides account management and email operational technical support services to ensure communications are available 24x7x365.

ITID's mission includes the provision of comprehensive information technology (IT) services to all FBI personnel assigned to the FBI Headquarters, J. Edgar Hoover Building (FBIHQ) in Washington, D.C., Field Offices (FOs), Resident Agencies (RAs), and Legal Attaché (LEGAT) located overseas. In support of this mission, the Identity & Access Management Systems Administrator will provide management and support to the FBI's IT infrastructure. The Identity & Access Management Systems Administrator is a member of the CCS MDSU services team which was established to support Microsoft Active Directory (AD), Identity Management, Exchange, and Lync on four (4) enclaves: BlackNet, Unclassified, Secret, and Top Secret/Sensitive Compartmented Information, as well as the underlying facilities and transports.

Duties and Responsibilities

  • Provide guidance regarding changes to the AD schema.
  • Manage and maintain standardized Organizational Units (OU) in AD.
  • Manage and maintain AD custom attributes and security groups.
  • Manage AD sites and subnets, including site replication.
  • Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff, consistent with job requirements (i.e. workstation, server, common Microsoft products such as Exchange, SharePoint and other group policies as requested).
  • Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected and understand the effect of any change to group policy.
  • Manage the AD database, System Volume (SYSVOL).
  • Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
  • Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools (i.e. Dell Active Administrator, Change Auditor, and Recovery Manager).
  • Follow FBI Change Management Policy when changing the FBI IT infrastructure.
  • Share knowledge with other members of the full AD team, regardless of whether other members are FBI employees or contractors of this or another contractor.
  • Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts.
  • Provision, modify, and deprovision user and administrator accounts on the four (4) enclaves upon receipt of approved access or deprovisioning request, based upon location, role, or both. Accounts shall be provisioned/modified/deprovisioned within five (5) days of receipt or date specified in the request, whichever is later. MDSU is currently receiving an average of 165 requests daily. As part of this process, the Exchange mailboxes are also created.
  • Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
  • Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
  • Support personnel moves by migrating user profiles and data to data stores associated with new location.
  • Manage and maintain delegation of permissions.
  • Follow FBI policy and procedures for account management to create, modify, or delete accounts and account permissions.


Clearance Requirement

  • Top Secret (TS) at the time of application
    *All candidates must be willing to undergo routine FBI criminal and credit checks throughout their employment with ATSG and successfully complete a Counterintelligence (CI) focused polygraph examinations at the Government's discretion; the polygraph examinations may be required prior to acceptance or at any time during the contract.


Minimum Qualifications

  • Active, fully adjudicated Top-Secret/Secret Compartmental Information (TS/SCI) security clearance.
  • Willingness to be subject to routine FBI criminal and credit checks.
  • Ability to successfully complete a Counterintelligence (CI) focused polygraph examinations at the Government's discretion; the polygraph examinations may be required prior to acceptance or at any time during the contract.
  • Experience with SQL; LDAP and Secure LDAP; Dell Active Administrator.
  • At least 12 months working experience using Microsoft Forefront Identity Manager (FIM), Threat Management Gateway (TMG), and Forefront Unified Access Gateway (UAG).
  • Working knowledge and experience supporting authentication services, firewalls, high availability systems, and web services. The main focus for authentication services would include certificate authentication using Kerberos constrained delegation, and single sign-on.
  • Basic firewall understanding of endpoints, access, and publishing policies; including the ability to troubleshoot connectivity issues in complex scenarios, with consideration of the outward lying network technologies.
  • Recent experience working with high availability systems and understand general concepts of arrays, load balancing, and replication.
  • General understanding of PKI and certificate services.
  • General understanding of RSA management and support.
  • Possess a broad understanding of web services, including publishing and troubleshooting material published by internal and external sources; this experience must include an understanding of protocols used for web traffic and troubleshooting tools to diagnose connectivity issues.
  • Knowledge and experience using Microsoft Active Directory Services.
  • Experience with Microsoft Windows Server (i.e. 2012 r2, 2008 r2, and 2003, including Active Directory).
  • Technical writing skills.
  • Ability to effectively share knowledge.
  • Strong oral and written communication skills, including presentation skills and experience communicating with technical and non-technical audiences.
  • Self-starter, able to manage multiple tasks efficiently for on-time delivery.


Preferred Qualifications

  • Bachelor’s degree in Computer Sciences, Information Systems, Communications or related discipline or extensive demonstrated equivalent experience.
  • Working knowledge of Microsoft Exchange.
  • Working knowledge of Microsoft Active Directory (AD).
  • Working knowledge of Microsoft Lync Support



ATSG Corporation is a Veterans Affairs (VA) CVE-Certified Service-Disabled Veteran-Owned Small Business (SDVOSB) based in Fairfax, VA with branch offices throughout Central America.  Since 2004, ATSG has successfully deployed its experience and expertise to support the most challenging and complex projects for various Federal agencies. Our robust portfolio includes cutting-edge technical solutions and professional support in Program Management, Consulting, Operations and Planning Support, Training and Advisory Services, and IT and Knowledge Management. We take pride in our proven dedication to providing expert assistance to our government partners. ATSG provides a variety of services within the Intelligence Community and is experienced in areas such as Mobility, Enterprise Architecture, Data Processing, Law Enforcement Mission Support, and Acquisition Support. Our products may be diverse, but the results are one and the same—on schedule, on budget, and completed with superior quality. As an organization, we are consistently expanding our global footprint in the contracting community. We work hard to honor our commitment to our clients while ensuring our employees feel secure and empowered in their work. We take excellent care of our team, so they may have the freedom and confidence to focus on their missions and provide nothing but the best output on the work site and at home.

*Candidates are encouraged to submit a .doc or .docx resume that explicitly addresses each of the requirements listed above.

ATSG Corporation is an equal employment opportunity/affirmative action employer, our applicants and employees are protected from discrimination. Visit http://bit.ly/FederalEEO for more information. Equal access to programs, services and employment is available to all persons. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals on the basis of protected veteran status or disability and require affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans and individuals with disabilities.

To comply with Federal law, ATSG Corporation participates in E-Verify.  Successful candidates must pass the E-Verify process after hire. 
We respectfully request not to be contacted by recruiters and/or staffing agencies.




Share This Job

Powered by