MS AD and GPO Security Engineer - Senior

This requirement supports DISA DoDNET, a very brief overview of which can be found here:

This position provides MS Active Directory and Group Policy Object (GPO) security expertise on a team working to determine requirements, research, and evaluate problems in the development of solutions and architectures to support a secure infrastructure in MS Active Directory and Office 365 environments and is responsible for assisting in the upkeep of the security posture of the environment to meet the customer requirements.


Education and Experience:

·      Bachelor’s Degree or a combination of technical training, certifications, and experience

·      Microsoft Certifications such as MCSA, MCSE, or other related certifications or specialty experience

·      4+ Years of MS Windows engineering design and operations experience.

·      ITIL Foundations

·      Experience in System Development Life Cycle

·      ServiceNow experience desired

·      Security+ CE (or appropriate DoDM 8570 Baseline Certification)

·      IAT Level II certification is required before start



·      Completes activities to support system integration, system evaluation and analysis, site surveys, verification and validation, cost and risk, and supportability and effectiveness analysis for total systems and architectures.

·      Conducts advanced research and analysis of current system GPO’s against the STIG’s and ACAS findings to support development of strategic implementation plans and designs, document and mitigate risks as well as lessons learned, and provide regular updates.

·      Research and collaborate with vendors and various groups, such as R&D, Server, and Network teams, and provide recommendations on how to leverage GPO’s for emerging technology to improve cyber security posture.

·      Conducts engineering technical analysis to support resolving issues through application of engineering theories and concepts.

·      Support the operational assessment and documentation of systems security and compliance posture to maintain accreditation.

·      Provide input to project schedules, identify, and mitigate risks, document lessons learned, and deliver regular updates to stakeholders

·      Develops security status reports for key stakeholders

·      Must have flexible working hours to be available to support team when needed

·      Perform all other duties as assigned


Knowledge and Skills:

·      Active Directory, GPO and STIG’s to implement changes for the improvement of the cyber security posture of the organization

·      Exhibit the flexibility to multitask, refocus and shift priorities to support the mission, warfighter and customer requirements.

·      Adapt for working in team oriented or independent projects

·      Excellent technical writing & presentation skills.

·      Maintain a strong understanding of networking architecture, servers, systems design, virtual hosts, and configuration management and licensing.

·      Document Standard Operating Procedures and guides.

·      Excellent verbal and written communication skills

·      Ability to organize and facilitate planning and demonstrations

·      Ability to track, manage, and ensure project tasks are completed in a timely manner


Technical Knowledge

·      Active Directory

·      Office 365

·      GPO

·      STIGs

·      Joint Regional Security Stack (JRSS)

·      Cisco switches, routers, and VPN products

·      Remedy ITSM/ServiceNow

·      SolarWinds Network Configuration Monitor (NCM)

·      System Center Configuration Manager (SCCM)



·      Secret

·      Must be US Citizen


Travel Requirements:


This position will involve minimal travel



Location: Fort Meade, MD