Title:  Scientist, Systems Engineer - Active Directory Architect

Job Title: Scientist, Systems Engineer - Active Directory Architect

Job Code: 35310

Job Location: Greenville, TX (On-Site)

Job Schedule: 1st Shift 9/80

Job Description:

We are seeking an experienced Active Directory (AD) Architect. This role is responsible for designing, maintaining, supporting, and ensuring secure authentication, authorization, and compliance across all systems.  The ideal candidate has deep technical expertise in AD and CA, strong security awareness, proven troubleshooting skills, and hands-on experience supporting enterprise-scale identity solutions.  If you have the necessary skills, join us in our mission to provide innovative and reliable identity solutions.

Essential Functions:

• Administer, maintain, and troubleshoot Active Directory Domain Services (AD DS), including users, groups, computers, OU structure, GPOs, domain controllers, and associated Microsoft or third-party applications.
• Support identity lifecycle processes (joiners, movers, leavers)
• Enforce least privileged access and zero-trust principles
• Implement and manage Conditional Access, MFA, and identity protection policies
• Support secure authentication mechanisms including Kerberos, SAML, OAuth, and modern authentication
• Recommend and implement improvements to security, scalability, and reliability
• Participate in infrastructure projects, migrations, and upgrades
• Support proposal development activities including labor estimation (BOE creation and review) and technical response development
• Capable of Problem Solving, Team Leadership, Strategic Thinking / Planning, Communication, IPT / Cross Functional Behavior, Accountability, and Critical Thinking.
• Prepare and deliver effective presentations to communicate technical information to both technical and non-technical professionals, including senior level management
• Ensure programs translate customer requirements into unique verifiable system level requirements
• Evaluate trade studies for accuracy and completeness

Qualifications: 

• Bachelor’s Degree in an appropriate engineering discipline (Electrical, Mechanical, Systems, Software, Physics, etc.) and minimum 12 years of prior relevant experience or Graduate Degree and a minimum of 10 years of prior relevant experience. In lieu of a degree, minimum of 16 years of prior related experience.
• TOP SECRET/SCI.
• Experience supporting Active Directory, including advanced expertise in building & maintaining AD domains, troubleshooting replication and Kerberos authentication issues, complex group policy design, etc.
• Experience supporting identity synchronization, MFA, privileged identity management, tenant management, conditional access policy creation & modification, and setup of identity federation application authentication.
• Experience managing PKI infrastructure, including Active Directory Certificate Services (ADCS), certificate lifecycle management (issuance, revocation, renewal).
• Expertise in both Windows and Linux.
• Experience, including creating and modifying scripts for process automation
• Excellent written, oral, and team communication skills.
• Experience working successfully both independently and in a team environment.

Preferred Additional Skills:

• CI Poly
• Analysis of detailed hardware and software specifications for systems, subsystems, and key components
• Leadership - Task or IPT
• Entire Program/Engineering Life Cycle Phases and Activities
• Network Engineering
• Cybersecurity Engineering
• Technical Baseline development/management
• Requirements Management
• Proposal Development

#LI-EN2