Senior Identity and Endpoint Engineer, Tier-3/4

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™


ASRC Federal is seeking a Senior Identity and Endpoint Engineer, Tier-3/4 to support an upcoming award in San Antonio, TX.

Location: San Antonio, TX (On-Site)
Clearance: U.S. Citizen with ability to obtain a Public Trust.

Summary: This contract will provide 24/7/365 operations support to the customer. Applicant must be able and willing to work on-call, shift, or surge if required. Must be flexible and able to travel when necessary. Will need a Real ID and current passport.

Work arrangement: This position will require on-site occupancy at or near the Ft Sam Houston location. Core hours are 6:00am – 6:00pm; exception being shift-work (surge) or on-call staff. Telework may be considered on a position-by-position bases with approval by the customer.

Responsibilities:
Position may require management of personnel. Managerial responsibilities include but are not limited to, on-boarding & exiting assistance, timecard accounting, performance reviews, mentoring, and reporting.

Expert-level knowledge or significant hands-on experience in:

• Create standardized, forward-looking, compliant designs and solutions for directory services, identity, credentialing, and access management, Cryptographic Key Management, Privileged Identity Management, Privileged Access Management, Identity Automation, Attribute aggregation, Public Key Infrastructure (PKI), and Public Key Enabling (PKE) engineering activities.
• Provide engineering, architectural, and Tier 3/4 expertise to deliver forward-looking, compliant, solutions for the customer hybrid environment in support of standard Application Integration, Application Security, Desktop Engineering, and Service Monitoring functions that enable management to the endpoint.
• Research, design, develop, and test operating systems-level software, compilers, and network distribution software for medical, industrial, military, communications, aerospace, business, scientific, and general computing applications. Set operational specifications and formulate and analyze software requirements. May design embedded systems software. Apply principles and techniques of computer science, engineering, and mathematical analysis.
• Directory Services – Engineer, design, update and maintain the Medical Joint Active Directory (mJAD) Technical Requirements and Architecture & Design Document.
• Public Key Infrastructure - Engineer solutions that comprise DHA’s implementation of the DoD and DHA PKI.
• Identity - Engineer solutions that enable MHS administrators to manage persons, non-person entities, groups, and authorized assets in a system, including controlling access to resources within that system by associating user rights and restrictions with an authenticated identity.
• Public Key Enablement - Engineer solutions that support MHS administrators, developers, and vendors with configuring information systems, services, and applications to employ X.509 certificates (to include certificates from DoD, cross certificates, and External Certificate Authority Coalition, DHA IMA PKI and DoD-approved external PKIs) and modern encryption techniques.
• Application Integration – Engineer packages and test software that supports the baseline OS for virtual and physical endpoints throughout the environment, including standardized administration, security, and monitoring suite. Engineer, architect, design, configure and maintain Enterprise Management solutions and appropriate engineering and architecture packages and drawings as needed by the environment. Engineer, architect, design, support and troubleshoot endpoint management tools, infrastructure, and agents on-premises, in the cloud and SaaS as appropriate to deliver and maintain endpoints, applications, services, hotfixes, patches and tools in support of the enterprise medical mission. Develop, maintain, and adjust methodologies, standards, and packages in support of forward-looking objectives to transition from on-premises, cloud, and SaaS use cases as appropriate. Develop new processes for upgrading, transitioning and/or migrating MS Endpoint Configuration Manager (MECM) enterprise packages for use in Intune. Design, recommend, and develop new reporting processes in support of customer mission.
• Endpoint and Identity Security - Validate compliance with IA controls and cybersecurity best practices for baseline applications, products, solutions, endpoints, and operating systems informed by DoDI 8510.01, Risk Management Framework (RMF) for DoD Systems.
• Desktop/Endpoint Engineering – Engineer, design, develop and architect the endpoint architecture in support of deployment and consumption throughout the customer environment.
• Mobile Engineering – Develop, design, engineer, and architect solutions to standardize mobile device delivery, operating system/firmware upgrades, application validation, configuration and testing, device configuration, application and device provisioning, management, security, distribution, authentication, and end-user experience through on-premises, cloud, and SaaS based offerings and tools.
• Service Monitoring Function – Engineers, design, architect and configure solutions to monitor systems, metrics, policies, and alerting functions to validate baseline applications, desktops and systems from an On-Prem, Hybrid and Cloud view. Design, engineer, and architect solutions using a hybrid approach with consideration of InTune, Microsoft System Center Operations Monitor (SCOM), Azure Monitoring and other pertinent tools to meet compliance standards and Service Level Agreements.
• Applications and Application Packaging – Engineer, design, consult, build, script and deliver applications and application packages using available enterprise management products and tools that allow customer enterprise delivery capabilities and sustainment of those applications and packages.

Requirement
• Must be a U.S. Citizen and with ability to obtain/maintain a Public Trust
• Must successfully complete a government issued background investigation.
• Must be flexible to travel when necessary. Must have Real ID, and ability to obtain a U.S. Passport.

Education:
• Minimum of 6 years of relevant work experience with a BA/BS degree in Information Technology, Computer Science, Engineering Management or related discipline OR in lieu of a technical degree, must have BA/BS degree with a minimum of 8 years of relevant work experience in Information Technology, Computer Science, Engineering Management or related discipline OR
• MA/MS degree in Information Technology, Computer Science, Engineering Management or related discipline, with 6 years of relevant experience OR
• AA/AS degree or high school diploma with 15 years of experience in Information Technology or a related field.

Desired Certifications: Applicants will be required to have, or ability to obtain within 6-months after hire, required certifications for the position.
• CompTIA Security+ (DoD 8570/8140 IAT Level II Baseline)
• Microsoft Certified: Azure Administrator Associate
• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Cisco Certified Network Associate (CCNA)
• Microsoft System Center Operations Manager (SCOM) Training
• Cybersecurity and Infrastructure Security Agency, Certified Information Systems Security Professional (CISSP)
• GIAC Certified Enterprise Defender (GCED), and/or GIAC Certified Incident Handler Certification (GCIH)
• Certified Information Systems Security Professional (CISSP)
• STIG 101 Training
• ITIL® 4 Foundation
• Certified ScrumMaster® (CSM)

Must have the ability to:
• Provide excellent customer service
• Coordinate several concurrent tasks
• Interface with users in a pleasant and tactful manner
• Be self-motivated
• Quickly learn new IT technologies
• Occasionally work non-standard hours as required
• Be a Team Player with the ability to work well independently with limited direction


We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.