Northrop Grumman
Sr Principal Sys Admin – Identity & Access Mgmt Sys Admin (25-441) - R10207571
Northrop Grumman, Colorado Springs, Colorado, United States, 80509
Sr Principal Sys Admin – Identity & Access Mgmt Sys Admin (25-441) - R10207571
Join to apply for the
Sr Principal Sys Admin – Identity & Access Mgmt Sys Admin (25-441) - R10207571
role at
Northrop Grumman RELOCATION ASSISTANCE:
No relocation assistance available CLEARANCE TYPE:
Top Secret TRAVEL:
Yes, 10% of the Time Description At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people\'s lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation\'s history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they\'re making history. Overview Northrop Grumman Space Systems—Launch and Missile Defense Systems presents an excellent opportunity for a Sr Principal Systems Administrator – Identity & Access Mgmt Systems Administrator (25-441) to join our team of skilled and diverse professionals. Located at Schriever Space Force Base in Colorado Springs, CO, this position plays a crucial role in supporting the U.S. President, the Secretary of Defense, and combatant commanders at strategic, regional, and operational levels. Position Details This position does not offer relocation assistance and requires on-site work with no remote options. Position Overview The Command and Control, Battle Management, and Communications (C2BMC) program is a vital part of the Missile Defense System. It provides a crucial operational platform that allows the U.S. president, the secretary of defense, and combatant commanders at strategic, regional, and tactical levels to plan missile defense operations, monitor battle progress, and actively manage networked sensors and weapon systems to achieve global and regional mission objectives. C2BMC offers a layered missile defense capability, delivering an optimized response to threats across all ranges and flight phases. It serves as a force multiplier by connecting, integrating, and synchronizing autonomous sensor and weapon systems and operations both worldwide and locally to improve overall performance. Additionally, C2BMC is an essential component of all ground and flight tests that verify and demonstrate the missile defense system\'s current and future capabilities. The individual in this role is responsible for deploying and maintaining all types of directory services, including Active Directory Domain Services/controllers, Certificate Authority services, policy tracking and creation, and account management functions within the enterprise. They must be detail-oriented and capable of tracking how events and actions affect the underlying infrastructure, such as replication schedules and group policies. Additionally, this person handles scrum master duties within the Agile framework for a small team. Essential Functions Deployment and maintenance of all Active Directory domain services and controllers, including: Monitoring the health and status of all sites and services within the enterprise, as well as the deployment and maintenance of all certificate authority (CA) services Issuing SSL certificates and setting up new CA servers within the enterprise Tracking expiration dates of all CA servers and collaborating with relevant teams to renew existing CA certificates when necessary Creating and maintaining system policies, such as: Windows group policies Linux authentication PAM rules/files (in concert with the Linux/Unix team) Tracking any potential issues as they arise in the system Maintenance of all account matrices, including all relevant permission crossovers between enclaves when necessary Continuously collaborate with the cyber team to ensure all RBAC controls comply with current policies for restricting access between enclaves and systems in the enterprise for each applicable user or team Assist the cyber team in monitoring all directory services for unusual logins or account activity metrics to ensure the integrity and safety of the data in the C2BMC-G system enterprise Collaborate with other teams on deploying and maintaining technologies that involve collaborative features, such as instant messaging platforms within the enterprise Work with the whole team to ensure that distributed authentication services are correctly set up to ensure non-repudiation across all sources, including: Assisting with LDAP service configuration for the network/software solution to ensure RBAC access for the user base. Examples of LDAP/LDAPS connected endpoints configuration could be things like HPE iLO interfaces, Gitlab, Cisco ISE, FortiManager, Raritan KVM, etc. Thorough understanding of Active Directory and its replication structure when used in a distributed forest, separated by WAN links Experience with an on-premises multi-domain environment utilizing Role-Based Administrative Controls (RBAC) for the least privilege Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners Basic Qualifications Please list your current security clearance and IAT or relevant certifications on your resume, if applicable. A Bachelor’s Degree in Computer Science, Computer Information Systems, Information Technology, Management Information Systems, Engineering, Mathematics, Physics, or a related field from an accredited university is preferred, along with 8 years of experience; or a Master’s degree (preferred) in a related field with 6 years of relevant work experience; or 12 years of relevant work experience as an alternative to a degree may be considered Applicants must have a current, active in-scope DoD-issued Top Secret security clearance at the time of application, which is required to start with eligibility to be cleared at SCI and SAP security clearance Applicants must have a current active DoD 8140 certification at IAT Level II or higher (such as Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA, etc.), which is required to start Preferred Qualifications A current, active in-scope DoD-issued TS/SCI and SAP security clearance at the time of application is highly desired Ability to incorporate automation technologies into daily Active Directory use is a plus What We Can Offer You Northrop Grumman offers a comprehensive benefits package and a work environment that promotes your growth, supporting both employees and the company\'s success. The benefits provided by Northrop Grumman offer flexibility and control, allowing you to select options that best fit your needs and those of your family. Your benefits will include the following: Health Plan Savings Plan Paid Time Off Education Assistance Training and Development Flexible Work Arrangements https://benefits.northropgrumman.com/us/en2/BenefitsOverview/Pages/default.aspx Additional Northrop Grumman Information Primary Level Salary Range: $113,500.00 - $170,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate\'s experience, education, skills and current market conditions. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries Defense and Space Manufacturing Referrals increase your chances of interviewing at Northrop Grumman by 2x Get notified about new Principal System Administrator jobs in
Colorado Springs, CO . Sr Principal System Admin – Compliance/Patching Sys Admin (25-368) - R10205146
Sr. Space Systems Engineer SME with Security Clearance
Senior Associate, Information Security Systems Engineer Secret - Colorado Springs, CO
Senior Model Based Systems Engineer (MBSE) - TOP SECRET
Senior Machine Learning Engineer, Recommendation Systems
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Join to apply for the
Sr Principal Sys Admin – Identity & Access Mgmt Sys Admin (25-441) - R10207571
role at
Northrop Grumman RELOCATION ASSISTANCE:
No relocation assistance available CLEARANCE TYPE:
Top Secret TRAVEL:
Yes, 10% of the Time Description At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people\'s lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation\'s history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they\'re making history. Overview Northrop Grumman Space Systems—Launch and Missile Defense Systems presents an excellent opportunity for a Sr Principal Systems Administrator – Identity & Access Mgmt Systems Administrator (25-441) to join our team of skilled and diverse professionals. Located at Schriever Space Force Base in Colorado Springs, CO, this position plays a crucial role in supporting the U.S. President, the Secretary of Defense, and combatant commanders at strategic, regional, and operational levels. Position Details This position does not offer relocation assistance and requires on-site work with no remote options. Position Overview The Command and Control, Battle Management, and Communications (C2BMC) program is a vital part of the Missile Defense System. It provides a crucial operational platform that allows the U.S. president, the secretary of defense, and combatant commanders at strategic, regional, and tactical levels to plan missile defense operations, monitor battle progress, and actively manage networked sensors and weapon systems to achieve global and regional mission objectives. C2BMC offers a layered missile defense capability, delivering an optimized response to threats across all ranges and flight phases. It serves as a force multiplier by connecting, integrating, and synchronizing autonomous sensor and weapon systems and operations both worldwide and locally to improve overall performance. Additionally, C2BMC is an essential component of all ground and flight tests that verify and demonstrate the missile defense system\'s current and future capabilities. The individual in this role is responsible for deploying and maintaining all types of directory services, including Active Directory Domain Services/controllers, Certificate Authority services, policy tracking and creation, and account management functions within the enterprise. They must be detail-oriented and capable of tracking how events and actions affect the underlying infrastructure, such as replication schedules and group policies. Additionally, this person handles scrum master duties within the Agile framework for a small team. Essential Functions Deployment and maintenance of all Active Directory domain services and controllers, including: Monitoring the health and status of all sites and services within the enterprise, as well as the deployment and maintenance of all certificate authority (CA) services Issuing SSL certificates and setting up new CA servers within the enterprise Tracking expiration dates of all CA servers and collaborating with relevant teams to renew existing CA certificates when necessary Creating and maintaining system policies, such as: Windows group policies Linux authentication PAM rules/files (in concert with the Linux/Unix team) Tracking any potential issues as they arise in the system Maintenance of all account matrices, including all relevant permission crossovers between enclaves when necessary Continuously collaborate with the cyber team to ensure all RBAC controls comply with current policies for restricting access between enclaves and systems in the enterprise for each applicable user or team Assist the cyber team in monitoring all directory services for unusual logins or account activity metrics to ensure the integrity and safety of the data in the C2BMC-G system enterprise Collaborate with other teams on deploying and maintaining technologies that involve collaborative features, such as instant messaging platforms within the enterprise Work with the whole team to ensure that distributed authentication services are correctly set up to ensure non-repudiation across all sources, including: Assisting with LDAP service configuration for the network/software solution to ensure RBAC access for the user base. Examples of LDAP/LDAPS connected endpoints configuration could be things like HPE iLO interfaces, Gitlab, Cisco ISE, FortiManager, Raritan KVM, etc. Thorough understanding of Active Directory and its replication structure when used in a distributed forest, separated by WAN links Experience with an on-premises multi-domain environment utilizing Role-Based Administrative Controls (RBAC) for the least privilege Experience with DISA STIG compliance remediation using distributed group policy and SCAP compliance scanners Basic Qualifications Please list your current security clearance and IAT or relevant certifications on your resume, if applicable. A Bachelor’s Degree in Computer Science, Computer Information Systems, Information Technology, Management Information Systems, Engineering, Mathematics, Physics, or a related field from an accredited university is preferred, along with 8 years of experience; or a Master’s degree (preferred) in a related field with 6 years of relevant work experience; or 12 years of relevant work experience as an alternative to a degree may be considered Applicants must have a current, active in-scope DoD-issued Top Secret security clearance at the time of application, which is required to start with eligibility to be cleared at SCI and SAP security clearance Applicants must have a current active DoD 8140 certification at IAT Level II or higher (such as Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA, etc.), which is required to start Preferred Qualifications A current, active in-scope DoD-issued TS/SCI and SAP security clearance at the time of application is highly desired Ability to incorporate automation technologies into daily Active Directory use is a plus What We Can Offer You Northrop Grumman offers a comprehensive benefits package and a work environment that promotes your growth, supporting both employees and the company\'s success. The benefits provided by Northrop Grumman offer flexibility and control, allowing you to select options that best fit your needs and those of your family. Your benefits will include the following: Health Plan Savings Plan Paid Time Off Education Assistance Training and Development Flexible Work Arrangements https://benefits.northropgrumman.com/us/en2/BenefitsOverview/Pages/default.aspx Additional Northrop Grumman Information Primary Level Salary Range: $113,500.00 - $170,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate\'s experience, education, skills and current market conditions. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries Defense and Space Manufacturing Referrals increase your chances of interviewing at Northrop Grumman by 2x Get notified about new Principal System Administrator jobs in
Colorado Springs, CO . Sr Principal System Admin – Compliance/Patching Sys Admin (25-368) - R10205146
Sr. Space Systems Engineer SME with Security Clearance
Senior Associate, Information Security Systems Engineer Secret - Colorado Springs, CO
Senior Model Based Systems Engineer (MBSE) - TOP SECRET
Senior Machine Learning Engineer, Recommendation Systems
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr