Senior System Engineer – Automation and Orchestration
DESCRIPTION OF WORK PERFORMED
• Supports the Information Technology (IT) Architecture and Engineering (A&E) team by providing a combination of software and system engineering (SE) knowledge, skills, abilities, standards and best practices to implement modern and Next Generation (NexGen) IT solutions leveraging a wide array of vendors and technologies across the full stack: physical, networking, storage, virtualization, servers, applications, and services.
• Compose correspondence/reports; research, draft or abstract reports; update and manage databases as well as coordinate worldwide tracking of systems supporting full spectrum operations.
• Serve as the A&E team’s Microsoft PowerShell Subject Matter Expert (SME) – leveraging technical knowledge and experience using PowerShell specifically to overcome unique IT challenges.
• Identify, assess, and develop Microsoft PowerShell based solutions to help address IT business and mission use cases across a variety of vendor platforms, as well as in-house custom software obsolescence issues with legacy code and scripts, with an end-goal to help reduce the human responsibility and subsequent human error factor, of related tasks and actions through scripting, automation, and orchestration.
• Leverage advance Microsoft PowerShell features and concepts to further enhance and improve existing and new enterprise-grade IT solutions through the introduction of Infrastructure as Code (IAC), Configuration as Code (CAC), scripted deployments and installations, and Desired State Configurations (DSCs).
• Responsible for implementing and testing Microsoft Just Enough Administration (JEA) setups within the multiple enterprise environments to further improve Least Privilege and Role Based Access Control (RBAC) information security (INFOSEC) efforts.
• This position will require an active DoD Top Secret with SCI
Experience/Special Knowledge Desired:
Education: • Bachelor Degree from accredited University; OR
Training: NEC 741A Information System Security Manager; or NEC 742A Network Security Vulnerability Technician; or NEC H08A Advanced Network Analyst; OR
Certification: Certified Authorization Professional (CAP); or Cisco Certified Network Associate (CCNA) Routing and Switching *Retired; or CompTIA Security+ ce; AND
OJT: NAVEDTRA 43469 Watchstation 302 – Information Assurance Technician Level II (Privileged User)
• Shall have 5 or more years of personal hands-on experience with the end-to-end development of coded/scripted solutions using modern scripting languages (PowerShell, Python, etc.) for the implementation, configuration, automation, orchestration, and/or maintenance of enterprise-grade technologies (i.e., systems, applications, and services) deployed across a multi-platform (Windows, *nix, etc.) information system.
• Shall have 5 or more years of hands-on experience with Microsoft Windows based operating systems (OS), Services (Active Directory, DHCP, DNS, etc.), and Applications (Exchange, IIS, SharePoint, SQL Server, etc.) working in production enterprise environments.
• Shall have 3 or more years of experience actively programming in Microsoft PowerShell to include the code design and writing, testing, troubleshooting, code optimization, code deployment, code improvements, and documentation.
• Shall have 3 or more years of experience in understanding, recognizing, and incorporating PowerShell code development best practices with personally written products to include the areas of code generation, requires, commentary, code level, logging, error handling and checking, and reporting and notifications.
• Shall have 3 or more years of experience designing, engineering, implementing, and maintaining solutions in secure processing environments which must adhere to U.S. Government Information Assurance and Security standards such as the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).
• Demonstrated experience in capturing, analyzing, and decomposing stakeholder and/or product requirements in order to generate design solutions that will be implemented, tested, and eventually transitioned to the operational environment that acknowledge technical, compliance, schedule, and cost constraint.
• Strongly desired to be Global Information Assurance Certification (GIAC) Certified Windows Security Administrator (GCWN) certified.
• Technical certifications in other enterprise-level OSs, applications, and technologies, such as Citrix, Cisco, Microsoft, NetApp, Nutanix, Red Hat, Splunk, and/or VMware are also a plus.
• Demonstrated experience authoring PowerShell Advanced and Proxy functions, including the provisioning of PowerShell Command Help.
• Demonstrated experience in understanding, writing, and using PowerShell Script Modules (PSMs) and Manifest files for the purpose of referencing, loading, persisting, and sharing in-house developed code.
• Demonstrated experience working with Public Key Infrastructure (PKI) implementations, such as Microsoft Active Directory Certificate Services (ADCS), to configure, implement, and maintain Code Signing capabilities for in-house developed PowerShell modules across an enterprise information system.
• Demonstrated experience working with other vendor’s custom PowerShell Cmdlets, through their PowerShell modules (i.e., Citrix, NetApp, Nutanix, VMware, etc.), to automate and orchestrate their routine administrative, as well as complex implementation and/or troubleshooting, tasking. Experience working with the configuration of PowerShell-based Remoting (WS-MAN and WinRM), including custom endpoints (session configurations), Access Control List (ACLs), Host-based Firewall Exceptions, and related tasks. Experience working with Microsoft PowerShell Jobs and Workflows to develop sequences of programmed, connected steps to perform long-running tasks and/or coordinate multiple steps across multiple devices or managed nodes simultaneously.
• Demonstrated experience working with Automation and Orchestration tools such as Nutanix Calm, Puppet, Chef, etc. to provide automated, repeatable, solutions for routine use by teams within the IT organization and to introduce Infrastructure as Code (IAC).
• Demonstrated experience working with Microsoft PowerShell in direct support of the configuration, testing, and use of the Microsoft Desired State Configuration (DSC) management platform to standardize and maintain established baseline configurations for enterprise Systems, Applications, and/or Services to enable Configuration as Code (CAC) and to support Configuration Management (CM).
• Demonstrated experience working with Microsoft PowerShell in direct support of the configuration, testing, and use of Microsoft’s Just Enough Administration (JEA) security technology to enable delegated administrative rights and privileges for anything that can be managed with PowerShell to include the creation and maintenance of PowerShell Session Configuration files (PSSC) and PowerShell Role Capability files (PSRC), and the use of the JEA Helper Tool.
• Demonstrated experience working with newer core Microsoft technologies to include Active Directory, Windows 10, Windows Server 2016, Microsoft SQL Server 2016, and Microsoft IIS 10.
• Demonstrated experience in leveraging and providing system engineering within an established System Development Life Cycle (SDLC) program.
• Demonstrated experience performing advanced troubleshooting techniques, methodologies, processes and practices to quickly identify and assess an issue, develop the strategy to resolve the issue, implement the resolution, and restore the degraded entity to an operational state all while maintaining concern for the original configuration and the overall Information· Security (INFOSEC) posture of the environment.
• Demonstrated experience providing mentorship and On the Job Training (OJT) to junior and/or lesser experienced team members.
• Familiarity with, and possess a basic level of understanding of, legacy software languages such as Visual Basic (VB) and derivatives (VBA, VB6, etc.) and Windows Batch scripting (i.e., BAT) to support the production of new PowerShell solutions to replace outdated and obsolescent code and scripts in use in production.
• Familiarity with the concept, implementation, and operations associated with DevOps in a hybrid IT organization, with personal experience with disparate Software Development and Operations and Maintenance (O&M) teams to support a variety of in-house developed code-based solutions through a Software Development Life Cycle (SDLC).
Location: Springfield, VA