Overview
Paradyme, Inc. is a rapidly growing government technology leader that puts service first, for its customers, its team, and the communities it supports. Paradyme harnesses DevSecOps and Agile development processes to deliver exceptional results for digital transformations. Based in Tysons Corner, VA, Paradyme’s award-winning culture sets it apart through its team’s deep commitment to service and collaboration with its customers, each other, and the community. Learn more at www.paradymemanagement.com.
We are seeking a highly skilled Senior PKI Systems Administrator with an
Active Top Secret clearance to join our team supporting a critical Law Enforcement customer. The ideal candidate will have extensive experience in credentialing systems and associated products, with the expertise to serve as a support coordinator at the escalated Tier-2 and Tier-3 levels. This role demands proficiency in credential provisioning and the management of credentialing/provisioning-related issues. The Senior PKI Systems Administrator will be responsible for administering and monitoring credentialing services to ensure seamless availability and integration with technical controls, services, and components, all aligned with the PKI architecture. Additionally, this position will involve coordinating O&M support services and acting as the lead contract administrator for CAMEO System Administration.
Tasks
Responsibilities
- Provide digital certificate issuance, renewal, and revocation services.
- Perform tasks related to credential requests, scheduling, identity verification per policy, and card personalization until the badge is enabled.
- Responsible for the administration of CNSS PKI, CNSS Device Certificates, Internal Device Certificates, and Code-Signing Certificates.
- Provide virtual or deskside support to users and ensure user verification per policy before assisting with issues or requests.
- Manage and issue Public Key Infrastructure (PKI) certificates.
- Assist Non-Person Entity (NPE) system owners in integrating certificates.
- Maintain records of the PKI certificate lifecycle and support lifecycle events such as PIN reset, key recovery, revocation, and name changes.
- Coordinate provisioning support activities and serve as the contract lead for provisioning support.
- Monitor, troubleshoot, operate, and maintain the FBI ICAM and UC system Public Key Infrastructures (PKI).
- Demonstrate knowledge of PKI systems, Hardware Security Modules (HSMs), and Certificate Authorities (CAs).
- Check the health of the PKI system and infrastructure, resolve connectivity issues, and escalate unresolved issues to the Tier 3 Engineering Team.
- Resolve incidents and ensure proper escalation to Tier 3.
- Support PKI compliance, patching, and upgrades, while also being available to participate in after-hours upgrades, troubleshooting, on-call availability, and coordinate service calls with third-party entities as required.
- Develop and maintain PKI Standard Operating Procedures.
- Support annual audit requirements and build a Knowledge Base for user and technologist use.
- Manage CNSS PKI cards for users and Non-Person Entity (NPE) certificates.
- Support system failover/COOP exercises coordinated by the FBI.
- Maintain inventory of key stock and HSM Key Material.
Responsibilities
- Monitor, troubleshoot, operate, and maintain the FBI ICAM and UC system Public Key Infrastructures (PKI)
- Support the following products:
- Hard or soft tokens/keys
- Personal Identity Verification (PIV) cards
- Committee on National Security Systems (CNSS) Public Key Infrastructure (PKI) cards for users and Non-Person Entity (NPE) certificates
- IC Common Services user and NPE certificates
- FBI NPE PKI
- Publicly trusted (Unclassified) NPE PKI for external Internet facing systems, and/or other existing or future credentialing products and/or form factors
- Provide Tie 1-2 credential provisioning support (which may also be referred to as “registration”) for networks, credential form factors, provisioning solutions for personnel at FBI Headquarters and FBI offices in Washington, DC and DC metro area.
- Provide remote credential provisioning for personnel throughout the entire FBI enterprise, following any applicable remote vetting requirements, where authorized and/or directed to do so by the Government.
- Provide credential provisioning and/or provide support for credential provisioning in support of NPE, system, application, and/or non-user-based credential requirements for the FBI enterprise.
- Operate, administer and/or support internal FBI PKI/credentialing services, as well as externally trusted PKI/credentialing services
- Install/implement credentialing system
- Ensure FBI locations have adequate credential supplies and systems/components, as required, to avoid interruption in services
Required Experience & Education
- Bachelor’s degree from an accredited institution in a relevant field preferred.
- Minimum of eight (8) years of experience. In lieu of eight years' experience, relevant certifications or past work may be accepted.
- Experience in Identity Management, Governance, and Lifecycle Management.
- Experienced in Authentication, Authorization, and Access Management.
- Expertise in Public Key Infrastructure (PKI) and Credentialing Systems/Services.
- Supported engineers in sustaining and modernizing tasks with a strong understanding of the SysAdmin role in implementing enterprise Identity, Credential, and Access Management (ICAM) solutions.
- Experienced with Entrust
Other Desired Skills Include
- Experience with PKI in federal secured environments.
- Knowledge of NIST, CNSS, DoD, and Army policies and guidelines.
- Understanding of the Command Cyber Readiness Inspection (CCRI) process.
- CompTIA Security+, CISSP, or relevant PKI certifications.
- Experience with PowerShell.
- DoD 8570 Certification.
- Trained in Federal Identity, Credential, and Access Management (FICAM).
- Experience with publicly-trusted NPE PKI for external systems and various credentialing products.
- Familiarity with Linux, UNIX, Windows Server, and VMware environments.
EEO Statement
Paradyme is a federal contractor and an EEO and an Affirmative Action Employer. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, pregnancy-related disability, physical or mental disability, genetic information, sexual orientation, marital status, familial status, personal appearance, occupation, citizenship, veteran or military status, gender identity or expression, or any other characteristic protected by federal, state or local law.
Paradyme Management, Inc. is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Paradyme will take the steps to ensure that people with disabilities are provided reasonable accommodations. Accordingly, if a reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact Rose Luczak, Director of People Operations at rose.luczak@paradyme.us or at (571) 289-0548.