Sr Principal Sys Admin - Identity & Access Mgmt Sys Admin (25-441)
CO Salary Range: USD 113,500.00 - 170,300.00 per year
RELOCATION ASSISTANCE: No relocation assistance availableCLEARANCE TYPE: Top SecretTRAVEL: Yes, 10% of the Time Description At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.Northrop Grumman Space Systems-Launch and Missile Defense Systems presents an excellent opportunity for a Sr Principal Systems Administrator - Identity & Access Mgmt Systems Administrator (25-441) to join our team of skilled and diverse professionals. Located at Schriever Space Force Base in Colorado Springs, CO, this position plays a crucial role in supporting the U.S. President, the Secretary of Defense, and combatant commanders at strategic, regional, and operational levels.
This position does not offer relocation assistance and requires on-site work with no remote options.
Position Overview:
The Command and Control, Battle Management, and Communications (C2BMC) program is a vital part of the Missile Defense System. It provides a crucial operational platform that allows the U.S. president, the secretary of defense, and combatant commanders at strategic, regional, and tactical levels to systematically plan missile defense operations, monitor battle progress, and actively manage networked sensors and weapon systems to achieve global and regional mission objectives. C2BMC offers a layered missile defense capability, delivering an optimized response to threats across all ranges and flight phases. It serves as a force multiplier by connecting, integrating, and synchronizing autonomous sensor and weapon systems and operations both worldwide and locally to improve overall performance. Additionally, C2BMC is an essential component of all ground and flight tests that verify and demonstrate the missile defense system's current and future capabilities.
This individual is responsible for deploying and maintaining all types of directory services, including Active Directory Domain Services/controllers, Certificate Authority services, policy tracking and creation, and account management functions within the enterprise. They must be detail-oriented and capable of tracking how events and actions affect the underlying infrastructure, such as replication schedules and group policies. Additionally, this person handles scrum master duties within the Agile framework for a small team.
Essential Functions:
Deployment and maintenance of all Active Directory domain services and controllers, including:
Monitoring the health and status of all sites and services within the enterprise, as well as the deployment and maintenance of all certificate authority (CA) services
Want more jobs like this?
Get jobs in Colorado Springs, CO delivered to your inbox every week.
Issuing SSL certificates and setting up new CA servers within the enterprise
Tracking expiration dates of all CA servers and collaborating with relevant teams to renew existing CA certificates when necessary
Creating and maintaining system policies, such as:
Windows group policies
Linux authentication PAM rules/files (in concert with the Linux/Unix team)
Tracking any potential issues as they arise in the system
Maintenance of all account matrices, including all relevant permission crossovers between enclaves when necessary
Continuously collaborate with the cyber team to ensure all RBAC controls comply with current policies for restricting access between enclaves and systems in the enterprise for each applicable user or team
Assist the cyber team in monitoring all directory services for unusual logins or account activity metrics to ensure the integrity and safety of the data in the C2BMC-G system enterprise
Collaborate with other teams on deploying and maintaining technologies that involve collaborative features, such as instant messaging platforms within the enterprise
Work with the whole team to ensure that distributed authentication services are correctly set up to ensure non-repudiation across all sources, including:
Assisting with LDAP service configuration for the network/software solution to ensure RBAC access for the user base.
Examples of LDAP/LDAPS connected endpoints configuration could be things like HPE iLO interfaces, Gitlab, Cisco ISE, FortiManager, Raritan KVM, etc.
Thorough understanding of Active Directory and its replication structure when used in a distributed forest, separated by WAN links
Experience with an on-premises multi-domain environment utilizing Role-Based Administrative Controls (RBAC) for the least privilege
Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners
Basic Qualifications:
Please list your current security clearance and IAT or relevant certifications on your resume, if applicable.
A Bachelor's Degree in Computer Science, Computer Information Systems, Information Technology, Management Information Systems, Engineering, Mathematics, Physics, or a related field from an accredited university is preferred, along with 8 years of experience; or a Master's degree (preferred) in a related field with 6 years of relevant work experience; or 12 years of relevant work experience as an alternative to a degree may be considered
Applicants must have a current, active in-scope DoD-issued Top Secret security clearance at the time of application, which is required to start with eligibility to be cleared at SCI and SAP security clearance
Applicants must have a current active DoD 8140 certification at IAT Level II or higher (such as Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA, etc.), which is required to start
Preferred Qualifications:
A current, active in-scope DoD-issued TS/SCI and SAP security clearance at the time of application is highly desired
Ability to incorporate automation technologies into daily Active Directory use is a plus
What We Can Offer You:
Northrop Grumman offers a comprehensive benefits package and a work environment that promotes your growth, supporting both employees and the company's success. The benefits provided by Northrop Grumman offer flexibility and control, allowing you to select options that best fit your needs and those of your family. Your benefits will include the following:
Health Plan
Savings Plan
Paid Time Off
Education Assistance
Training and Development
Flexible Work Arrangements
https://benefits.northropgrumman.com/us/en2/BenefitsOverview/Pages/default.aspx
#NGSpace
#COSpace
#NGFeaturedJobs
#C2BMC
Additional Northrop Grumman Information:*
Primary Level Salary Range: $113,500.00 - $170,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
Perks and Benefits
Health and Wellness
- Health Insurance
- Dental Insurance
- Vision Insurance
- Life Insurance
- Short-Term Disability
- Long-Term Disability
- HSA
- HSA With Employer Contribution
- On-Site Gym
- Pet Insurance
- Mental Health Benefits
- Virtual Fitness Classes
Parental Benefits
- Birth Parent or Maternity Leave
- Non-Birth Parent or Paternity Leave
- Fertility Benefits
- Adoption Assistance Program
- Family Support Resources
- Adoption Leave
Work Flexibility
- Flexible Work Hours
- Remote Work Opportunities
- Hybrid Work Opportunities
- Four-Day Work Week
Office Life and Perks
- Commuter Benefits Program
- Company Outings
- On-Site Cafeteria
- Holiday Events
Vacation and Time Off
- Paid Vacation
- Paid Holidays
- Sabbatical
- Leave of Absence
Financial and Retirement
- 401(K)
- 401(K) With Company Matching
- Performance Bonus
- Relocation Assistance
- Financial Counseling
- Profit Sharing
Professional Development
- Tuition Reimbursement
- Promote From Within
- Mentor Program
- Shadowing Opportunities
- Access to Online Courses
- Lunch and Learns
- Internship Program
- Leadership Training Program
- Associate or Rotational Training Program
Diversity and Inclusion
Company Videos
Hear directly from employees about what it is like to work at Northrop Grumman.