Introduction
The National Academies of Sciences, Engineering, and Medicine value diversity in our members, volunteers, and staff and strive for a culture of inclusion in our workplace and activities. Convening a diverse community to exchange ideas and perspectives enhances the quality of our work and increases our relevance as advisers to the nation about the most complex issues facing the nation and the world.
Overview
Requisition Number: R0002657
Provides advanced technical expertise in the analysis, design, implementation, administration, security, maintenance, and support of the department's Windows Server, Active Directory, and Microsoft 365 environments. The environment is comprised of a multi-site, multi-forest Active Directory infrastructure, and supports Microsoft Exchange-based messaging services, Microsoft SharePoint collaboration services, Microsoft SQL Services, Single Sign-on services, File and Print Services, Microsoft 365, MS Teams, Microsoft-based configuration and software update management systems, systems performance management and infrastructure management tools. Also includes a Cloud hybrid environment with Microsoft 365. Leads and works with users and collaborate with cross-functional teams. Technical expertise with Microsoft 365 to include Azure, Exchange in the Cloud, Teams, rights and roles. Acts as a Subject Matter Expert (SME) for enterprise infrastructure systems and network services platforms, including load balancing, authentication, identity management, and DNS/DHCP/IP address management solutions.
Under general direction, incumbents perform work requiring advanced knowledge, often involving multiple phases and significant collaboration. Applies in-depth technical knowledge to independently and innovatively solve a full range of complex and sometimes unusual problems that impact organizational success. Brings industry-level expertise to function, and recommends changes to remain up-to-date or competitive. Establishes processes and procedures to ensure the effective and efficient operation of a complex function. Acts as a technical project leader.
Responsibilities
* IT Function Responsibilities: Serves as a subject matter expert (SME) in Active Directory / Windows environment, Microsoft cloud environments (M365, Azure Cloud Services, MS Teams, SharePoint, etc.), and non-Windows systems including configuration, integration, management, performance tuning, and security. Implements and maintains enterprise systems related to application load balancing, authentication and security applications. Acts as SME for hybrid environments involving on-premise and cloud platforms. Functions as a technical resource and integrator regarding Active Directory and Microsoft L3 issues to administrators, programmers, web developers, network security engineers, database analysts, network managers, and implementation teams. Participates in the identification of vulnerabilities and their mitigation and collaborate with security teams to conduct regular vulnerability assessments and implement necessary security measures. Participates in the analysis and design of new or existing infrastructure systems and services. Performs capacity planning, upgrades, and expansion of the environment.
* Problem Solving: Troubleshoots and develops technical solutions related to incidents escalated from Tier 1 and Tier 2, addressing new or previously unknown issues. Provides oversight on daily activities to set priorities, function as mentor, helps with problem escalation, and communicates significant problems or issues to management.
* Processes and Documentation: Creates and maintains comprehensive system documentation, including architecture diagrams, configurations, and operational procedures.
* Project Management: Maintains effective communications with vendors, peers, and clients in support of assigned projects.
* Research and Assessment: Researches, evaluates, recommends, and implements new technologies.
* Confidentiality: Maintains confidentiality. Handles secure, privileged, sensitive, or confidential information with discretion and in accordance with organizational policies and procedures. Maintains strict confidence to prevent disclosure. Accesses such information strictly for work-related purposes, and ensures that it is securely stored, transmitted, and disposed of in compliance with organization guidelines.
NONESSENTIAL JOB DUTIES
* Related duties and special project as assigned.
Requirements
Required Knowledge, Skills, and Abilities:
Familiar with standard operating procedures and best practices in the listed technology areas, and rely on experience and judgment to plan and accomplish goals:
* Windows Server and Active Directory
* Windows Server and Active Directory Security
* Windows DFS-N/DFS-R Active Directory integrated applications (includes single sign-on)
* Active Directory Group Policy to implement security standards on Domain Controllers, Domain Member Servers, and Domain Member Workstations
* Microsoft Azure Active Directory (AAD) and ADFS in hybrid environments
* Microsoft Azure Active Directory (AAD) Conditional Access Policies, AAD Connect
* DNS services • DHCP services • NTP services
* File and Print services
* Auditing technologies and tools, and provide reports as needed
* Implement security policies and procedures
* SCCM and WSUS, for both servers and desktops
* Virtualization
* High Availability / Disaster Recovery
* M365, MS Teams and MS Intune deployment, administration, and integrations
* MS Exchange Hybrid - L3 Management
* MS SharePoint - L3 Management (cloud and on-prem)
* Microsoft CA - PKI
* Experience using Microsoft PowerShell across the different Microsoft ecosystem.
* Familiarity of the following third-party technologies: F5 LTM/GTM, RSA SecurID, CyberArk, Carbon Black App Control, and Ivanti RADIUS. Cloud Service Knowledge: Familiarity with related Microsoft Cloud services, including Azure services, Microsoft Entra ID, and GraphAPI integrations.
* Microsoft Power Platform Proficiency: Understanding of Power Apps, Power Automate, Power BI, Power Virtual Agents, and Dataverse.
* Ability to solve intellectual problems of substantial variety and complexity using originality and ingenuity.
* Ability to serve as a resource to others in the resolution of complex problems.
* Ability to use substantial latitude for independent decision making and action.
* Experience working in complex environments with a high degree of organizational effectiveness. Ability to successfully work in a team environment.
* Ability to develop relationships with co-workers and employees in other National Academies' departments.
* Excellent communication skills with a proven ability to effectively interact with all levels of employees.
Minimum Education/Training Requirements: Bachelor's Degree in Computer Science or related field, or equivalent knowledge.
Minimum Experience: Eight years of related professional experience. Experience of Windows architecture in a multi-site company and project management is preferred.
Required Licenses, Certification or Registration: Advanced IT Industry certifications including, but not limited to, Microsoft technologies (cloud and on-prem), CompTIA, etc., are preferred.
Any qualification to be considered equivalent, in lieu of stated minimum, requires the prior approval of the Office of Human Resources.
Supervisory Responsibilities/Controls
Reports to Manager, Systems Architecture. General direction is provided.
Work Environment
This role has been approved for 100% remote status, with occasional travel between National Academies' facilities and to off‐site meeting/sponsor locations. Please note that any remote work arrangement will need to be reviewed and approved.
Compensation & Benefits: An estimated compensation range for this position is $101,130 - $176,980. Compensation offered to the selected candidate will be based on the candidate's relevant knowledge, skills, and work experience, commensurate with compensation of current employees in comparable positions with similar knowledge, skills, and work experience, and subject to budget parameters. Note it is not typical for a candidate to be hired at the higher end of the range. This is a benefits‐eligible position. Our Benefits Plan offers competitive and comprehensive benefit options, including medical, dental and vision insurance, life insurance, disability coverage, retirement and savings benefits, leave benefits such as paid holidays and paid personal leave, transportation subsidies, and education assistance.
#J-18808-Ljbffr