Windows Server Systems Administrator

Windows Server Systems Administrator

The individual selected for this position will be a member of the ESA V engineering team and the primary work location in Washington, DC. The work will be performed remotely, with some travel potentially required based on program needs. Excellent hands-on knowledge of Windows enterprise management technologies is required.

You will work closely with the Infrastructure Engineering Manager on the following key tasks:

Core Responsibilities

• Configure and troubleshoot Windows Server operating systems in support of Active Directory, DNS, and Certificate Authorities.
• Demonstrate extensive understanding of Active Directory systems and be able to manage and maintain them.
• Demonstrate extensive understanding of DNS, Certificate Authority, Certificate Management, and Authentication Services (ADFS, SAML, SSO, OKTA).
• Apply STIG and VPR adjustments as required.
• Manage the certificate environment to ensure timely issuance and installation of certificates with no outages.
• Develop scripts to monitor and check the health of Active Directory, DNS, and Certificate Authorities.
• Design, develop, and support scalable, redundant infrastructure, including physical, virtualized, and cloud environments.
• Install, configure, and manage Windows-based certificate authority servers.
• Install, configure, and maintain group management policies, including role-based management.
• Set up administrator and service accounts, maintain system documentation, tune system performance, and install system-wide software.
• Apply NIST, DISA security controls, and security hardening changes based on best practices.
• Validate and implement critical system patches, and allocate directory storage space.
• Improve existing infrastructure to incorporate the latest technology best practices and cross-application integrations.
• Collaborate daily with engineering teams and system owners to influence design and architect solutions in multi-tiered environments.
• Manage individual project priorities, deliverables, and deadlines.
• Produce clear documentation for delivered solutions.

Education and Experience

Typically requires a Bachelor's degree from an accredited college in a related discipline, with 8 - 12 years of prior relevant experience; or a Master's degree with 6 - 10 years of prior relevant experience. Additional years of experience and/or relevant certifications will be considered in lieu of a degree.

Required Qualifications

• BS in Computer Science, Systems Engineering, or related technical field, or equivalent experience with at least 8 years in systems engineering or administration (6 years with a MS/MIS Degree).
• Experience orchestrating workflows to execute at predefined times, including workflows with data dependencies.
• Proficiency in DevOps tools and scripting languages, including PowerShell.
• 5 years of experience with Directory services (Microsoft Active Directory, Entra ID/Azure AD), Certificate Administration, and DNS.
• 4 years of experience providing Tier II & III Windows support for Windows OS.
• 3 years of experience with ADFS, OKTA, or other Authentication services.
• Experience managing certificates and certificate authorities (e.g., Microsoft, Digicert, Entrust/Sectigo, SSL.com).
• Ability to work effectively with individuals from diverse disciplines and varying technical experience levels.
• Ability to work independently without constant supervision.
• Ability to articulate complex technical concepts effectively, both verbally and in writing.

Desired Qualifications

• Experience establishing large computer clusters.
• Experience in continuous configuration automation (CCA) methods for providing a flexible, programmatic platform for deploying and managing infrastructure and application resource configurations.
• Experience with cloud-based technologies (Entra, AWS), including integrating Windows services (AD, ADFS) in a cloud architecture.
• Networking (TCP/UDP, ICMP, and DNS, etc.), infrastructure services, and security experience.
• CompTIA Security+ certification.
• Microsoft Certified Professional (MCP) certification.
• 3 years of experience in server patching, backups, and permission management.
• 4 years of experience in an operations role.