POSITION SUMMARY: PowerShell Scripting/Active Directory Engineer with an active Top Secret Clearance and SCI Eligibility to support a very dynamic customer in Washington, DC. RESPONSIBILTIES: - Expert practical experience in creating, modifying, and deleting group policy, troubleshoot group policy issues, determine the effect of all group policies on an account or account group, audit changes to group policy, and maintain a Group Policy Map; - Expert practical experience using Microsoft Active Directory Services, PowerShell, and/or other scripting tools, understand logical representation and enterprise effects of implementation; - Expert practical experience using automated tools or like products like Microsoft Advanced Group Management Policy (AGPM), Microsoft Resultant Set of Policy, Microsoft Forefront Identity Manager (FIM), Microsoft Identity Manager and attributes; - Design and implement Directory Services that effectively reflect business needs, service-level and availability requirements while being robust and scalable to support; including performance analysis and optimization, monitoring, problem resolution, upgrade planning and execution, and process creation and documentation; - Function as SME for Directory Services including; Active Directory Domain Services (ADDS), Azure Active Directory, and Active Directory Certificate Services and as a technical expert on infrastructure projects pertaining to Directory Services, GPO's, authorization services along with their monitoring, security methodologies, management, capacity planning, environment failover and disaster recovery; - Design and architect a global Active Directory Infrastructure, including design and implementation of Group Policy and domain consolidation for multiple large scale organizations; - Ensure the proper systems and administration design. Utilize logical problem solving to find creative solutions to problems in the environment on a broad scale Troubleshoot and resolve Active Directory, GPO, Kerberos, Active Directory Federated Services, Microsoft Identity Manager and other password/identity management systems; - Architect-level Domain Controller expertise--build, promote, replicate and patch advanced planning and implementation tasks; - Ensure new Directory Service technologies are adequately tested and integrated with infrastructure and application services; - Assist in management and support of internal and external DNS systems. Assist in management and support of internal DHCP architecture and scoping; - Advanced knowledge related to installing and configuring Windows Server 2012 or Windows Server 2008 R2 equivalent (preferred); - Advanced knowledge related to administering Windows Server 2012 or Windows Server 2008 R2 equivalent (preferred): - Advanced knowledge related to configuring Advanced Windows Server 2012 Services or Windows Server 2008 R2 equivalent (preferred); - Advanced knowledge related to with Microsoft Windows Server (i.e. 2012 r2, 2008 r2, and 2003, including Active Directory); - Provide quality/production methods to ensure existing group policies are not already in-place to implement user request or change; - Provide active follow-up with users and engineers to ensure actual change worked and did not cause of corrupt use profiles and permissions; - Be able to identify impacts of AD, GPO, OU change; - Ability to document order of applied change and criticality of sequenced process steps; - Experience managing Domain replication; - Expert practical experience applying Federal Information Services Management Act (FISMA) rules to the AD environment; EDUCATION & EXPERIENCE: Typically requires bachelor‘s degree or equivalent and five to seven years of related work experience. - Highly recommended have Microsoft Certified Technology Specialist (MCTS), Security Plus (CompTIA)); preferably Microsoft Certified Solutions Associate (MCSA) certifications; - Experience with SQL; LDAP and Secure LDAP, and Dell Active Administrator; - Able to administer PKI and certificate services (preferred); - Able to administer RSA tokens, as an RA or LRA (preferred); - Minimum of five (5) years with AD group policy, including common Microsoft products such as SharePoint and Exchange for the listed server versions and their successors; - Minimum of five (5) years of troubleshooting AD, especially group policy-related incidents; - Bachelor‘s Degree in Engineering or in one of the disciplines within Information Technology - Technical writing skills; and - Ability to effectively share technical knowledge between government and contractor‘s personnel. PHYSICAL DEMANDS: Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.