Previous Job
Infra Solutions Architect 5
Ref No.: 18-00324
Location: Richmond, Virginia
Start Date / End Date: 03/12/2018 to 06/30/2018
Infra Solutions Architect 5

*local candidates strongly preferred
*ALL candidates MUST be able to attend a personal interview, NO phone interviews, NO Skype, NO exceptions
****this contract will likely be only 2-3 months in duration with no extension

Design a New Active Directory enterprise domain running AD 2012 mode or better. Approximately 1,000 core users (desktops), 3,000 peripheral users (all employees), approximately 20,000 licensees (non employees, but subscribers and users of client systems).

Client is becoming an Authority. As part of this move, client is adopting Office365 for Mail, Skype, Calendars and other base functions. We have also determined that Active Directory meets needs for a single primary identity provider for current and new systems and will move to this new domain sometime after October 1 2018. For new systems that are currently being acquired but have a go live date after 10/1/2018, client wants to leverage the future state Active Directory for Authentication rather than the current COV active directory (or system specific identity providers).

This means client has an immediate need to create a new active directory to support current projects and the future more independent state of client when it manages its own identities, credentials, policies and access controls. This active directory will be created outside the current COV environment, with an intent to leverage Azure cloud based AD servers and on premise AD controllers. The current Cloud Active Directory access is federated to Okta and synchronized with the Commonwealth Active directory and this will need a future migration onto the Active Directory infrastructure.

This assignment is to assess the variouis requirements for Adentity and access, design and implement a domain, AD schema and initial policies to allow connectivity and access for current inflight projects: The Licensing project, BI Renewal project, and the FMS (ERP project - SAAS based). Future known requirements also include the POS replacement project and the relocation of headquarters and warehouse, although these requireemnts are currently being defined. Most Server based Authentication for apprximately 140 servers witrhin the ABC environment is local to those machines and one of the primary proejct goals is to aggregate all credentials though a single authoritatve identity source (Active Directory). Client runs a mix of Linux and WIndows servers, with significant Oracle and SAAS components
Skill Required / Desired Amount of Experience
Active Directory Domain design and management (2012 and newer) Required 5 Years
Active Directory Policy configuration and management Required 5 Years
Creating, installing and configuring Active directory domains and components Required 5 Years
Knowledge of Advanced functions for Intrusion detection and logging applied to AD domains Required 5 Years
Knowledge of Applying domain policies to Intune devices intune managed applications Highly desired 3 Years
Ability to architect and document the AD design, including Policies to meet client's required standards (expected to be Based on NIST) Required 3 Years