This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.
NNSA Requirements for MedPEDs:
If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.
If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.
$101,400 - $201,400
*Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.
What Your Job Will Be Like:
We are seeking a highly motivated Identity and Access Management Solutions Architect responsible for the Domain Services necessary to enable enterprise systems! This includes architecting, implementing, and maintaining technology platforms, processes, operations, and integrations essential in support of multiple networks within a large, enterprise environment. You will support existing solutions and gain an understanding of the business, security, and technical requirements to recommend and drive improvements. This role will collaborate with infrastructure, application, and governance partners and customers to elicit and define information system requirements for implementing and supporting highly-available, resilient solutions that provide a favorable user experience.
On any given day, you may be called on to:
Manage and maintain all aspects of On Premises Active directory (AD) forests and domains in a decentralized and limited delegation configuration
Management, maintenance, security and configuration of single sign on and Two Factor Authentication, (2FA)
Design and implement cloud-based identity and access management solutions for our organization in accordance with NIST 800-53 controls
Manage Azure AD, including setting up new users and groups, configuring policies, and monitoring for security issues
Collaborate with our enterprise cloud and IAM teams to ensure integration with other cloud-based services
Patch and vulnerability management of AD environments to include all windows operating systems, and related reporting
Establish site wide trusts for approved external certificate authorities allowing functionality
Coordinate with the Cyber Security and incident management, including emergency vulnerability response and mitigation strategies
Due to the nature of the work, the selected applicant must be able to work onsite.
Qualifications We Require:
Bachelor’s degree in Computer Science, Management Information Systems, or a related field plus five (5) years of experience; or equivalent combination of education and experience (AS + 9 or no degree +13)
Experience with Windows Server Administration within a domain
Experience with Active Directory role based access and zero trust architectures
Experience with ADFS, Azure, or Azure AD
Ability to obtain and maintain a DOE Q clearance
Qualifications We Desire:
Experience with Cyber Security vulnerability mitigation strategies and attack vectors
Familiarity with certificate based authentication and related Alt-Sec-Id mappings
Azure Global Admin with wide experience in all aspects of Azure cloud configuration, Privileged Identity Management (PIM), B2B, B2C, FIDO2, Cert Based Authentication, etc
Experience with Azure AD infrastructure, integration and management, to include AD Connect and AD federation service, (ADFS)
Familiarity with AD domain backup and upgrade techniques
Familiarity with the AD Schema and how to look and search for entries
Experience with PKI and certificate management, online and offline scenarios
Experience with Hardware Security Modules related to PKI architectures
Familiarity with LDAP Directory Services
Understanding of SAML, OAuth, and OpenID
Strong knowledge on PowerShell and command scripting.
Experience with IDM platforms
Understanding and experience with Kerberos and Kerberos delegation
Experience with Operating system authentication methodologies
Experience with Windows and Linux
Experience in Microsoft Certificate services to include but not limited to generating, revoke, issuing certificates site wide in automated policies
Experience deploying SaaS solutions in an enterprise setting
Experience applying Enterprise Patching at scale to hundreds of systems
IPv6 experience with AD sites and services
About Our Team:
Provide state-of-the-art infrastructure computing systems for the laboratory at benchmark efficiency while ensuring the highest reliability and enterprise utility. Services include infrastructure tools for application support, communications, and need-to-know authorization as well as computing resources which can be accessed, shared and utilized from anywhere on the internal, external and classified networks.
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
Some of the best tools, equipment, and research facilities in the world
Career advancement and enrichment opportunities
Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov
*These benefits vary by job classification.
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.
Job ID: 688756
Share this job
- Worklife Balance
- Flexible Work Schedules
- Generous Paid Time Off
- Exceptional 401K Savings Plan
- Medical/Dental/Vision Insurance
- Wellness Programs
- On-site Amenities
- Vacation Buy Plan
- Telecommuting Arrangements*
*with management approval
Life in New Mexico
- Affordable housing, reasonable cost of living
- Minimal traffic congestion compared to larger cities
- Outdoor recreation - Ski, snowboard, hike, etc.
- Experience rich culture and history
- International Balloon Fiesta
- Green chile – NM Cuisine
- Museums, Parks, Sports
Learn more about Life in Albuquerque, New Mexico