Full time, Contract | Phoenix,AZ 85012
SUNSOFT ONLINE
Status: Closed
Posted On: Sep 01 2021
 Applied

Description

Candidates must have extensive, expert-level experience analyzing, designing, building, testing and deploying complex systems related to the following technologies:

  • Enterprise Windows File Servers with an emphasis on network file servers, DFS, shares, NTFS permissions for least-privileged access.
  • Data Loss Prevention (DLP) and methods of classifying, organizing and securing unstructured data.
  • Active Directory application and file permissions using role-based access controls (RBAC) via nested groups to authorize access to file servers and applications.
  • Auditing, analyzing and reporting on all of the above using tools such as Icacls, Quest Change Auditor and the like.
  • Powershell for automation and data analysis.
  • Multifactor Authentication (MFA) technologies applied to internal, elevated/administrative accounts (Windows servers, clients, networking equipment, firewalls, etc)

Please note: This position is not a day-to-day/operational system administrator working on in-place systems.

  • ASRS intends to “start from scratch” with a brand new file server architecture, security model and associated policies, processes and procedures. Candidates shall have experience with setting up new file servers according to best practices that strike an acceptable balance between usability and security.
  • ASRS has a role-based active directory groups security model in place today; however, a re-org was performed and now, this structure must be analyzed and corrected to reflect the current state of the agency.
  • ASRS’ MFA system is already in place (used for remote access) and will likely be extended in its use to the functionality described above. Candidates shall have a strong understanding MFA systems and the ability to configure them for use with a range of login devices (Windows OS, Linux OS, switches, routers, firewalls, etc).

THE POSITION DUTIES INCLUDE:

  • Serve as technical Infrastructure SME/practitioner on an agency-wide projects to:
  • Re-architect the ASRS’ file server infrastructure using best practices for data classification, tree design and least-privileged access.
  • Adjust/re-architect role-based Active Directory groups governing file server and application authorization to match current organizational structure and job functions.
  • Develop change auditing and alerting mechanisms to detect unauthorized/incorrectpermission conditions.
  • Develop data-owner access attestation process.
  • Establish/update policies and procedures governing unstructured data storage.
  • Establish multifactor authentication for critical systems access.
  • Assist project manager and ASRS management in creating project vision documents to define the project requirements, solutions, benefits, costs, risks, etc.
  • Research technologies related to project solutions and present recommendations/pros/cons/costs for available options.
  • Perform hands-on system creation/configuration/troubleshooting/issue resolution for assigned projects.
  • Regularly report status/progress/risks/issues.
  • Daily/weekly - Record time spent on project assignments in JIRA System.

KNOWLEDGE, SKILLS & ABILITIES:

  • Bachelor’s degree in Computer Science or equivalent experience (minimum 5 years’ experience in business systems analysis field).
  • Excellent oral and written communication skills.
  • Minimum 7 years’ experience creating and operating Microsoft Windows File Servers including DFS, DFS replication, ABE, EFS, SMB Shares/NTFS, folder structures in an enterprise business environment with multiple data owners.
  • Minimum 7 years’ experience with Microsoft Active Directory, especially in the area of role- based groups and thoughtful group nesting to govern access to applications and files.
  • Minimum 5 years’ experience with PowerShell to query data and automate bulk commands/functions.
  • Minimum 5 years’ experience creating/managing login scripts and Active Directory Group Policy.
  • Minimum 5 years’ experience deploying and operating MFA systems.
  • Experience working on medium-large scale infrastructure projects, especially related to Windows file servers and active directory groups.
  • Ability to organize, analyze and interpret large, complex data sets.
  • Proven ability to multi-task on concurrent projects.
  • Ability to document status/progress on project activities and record time spent in a timely, accurate and complete manner.

IDEAL CANDIDATE: Certifications in relevant technologies are desirable.

 Applied
Back