System Engineer (Journeyman)

at  ITility LLC

Overview:
Join the ITility team and make a difference! ITility seeks a System Engineer (Journeyman) to provide enterprise level system administration across multiple exercise enclaves enabling UAWC’s mission of providing accurate live, virtual/constructive (LVC) warfighter training. This role will sit onsite at Einsiedlerhof AS, Germany.
ITility is a Service Disabled Veteran Owned Small Business with a passion to equip our nation’s armed forces and first responders with the very best to empower their missions. From the virtual battlefield to boots on the ground, our people, processes, and performance drive our ability to help our clients protect what matters, now and for generations to come.
At ITility, we help our customers command the future by thinking beyond perceived limits to create new, unexpected ways to protect and defend our nation. We inspire and empower people to create significant solutions that secure what matters to our customers and communities, here and around the globe.

We Value:

• The Drive to Perform Beyond Perceived Limits.
• The Desire to Find Significance in All We Do.
• The Passion and Compassion That Powers Both.

Responsibilities:

• Provide enterprise level system administration across multiple exercise enclaves enabling UAWC’s mission of providing accurate live, virtual/constructive (LVC) warfighter training (C.5.7.1.4.2).
• Active Directory Services (ADS): Manage/maintain Windows Server operations and core applications/systems (e.g., ADS, DNS, DHCP, centralized print services, email, and chat programs) or comparable services by directly leveraging Windows, Linux, and virtual environments in support of UAWC projects, exercise plans, and designs (C.5.7.1.4.2).
• Support Microsoft-based operating systems, Linux/UNIX based appliances, and LAN technologies, as well as the integration of specialized applications for permanent party, local exercise, and remote exercise use (C.5.7.1.4.2).
• Engineer, implement, and maintain Active Directory (AD) domain, Microsoft Windows, UNIX, and Linux client/server operating systems (C.5.7.1.4.2).
• Implement and oversee an aggressive “Principle of Least Privilege” strategy in accordance with Chairman of the Joint Chiefs of Staff and USAF guidelines. Examples may include AFMAN 17- 1301 section 4.2.2.6 and Committee on National Security Systems (CNSSI) 4009 (C.5.7.1.4.2).
• Coordinate and implement AD configuration changes in accordance with DoD/USAF/UAWC and/or industry standards as well provide technical input for security accreditation efforts, as needed.
• Provide guidance on AD user, computer, and group creation, including naming conventions and long-term disposition (C.5.7.1.4.2).
• Utilize at need industry standard command-interpreter scripting capabilities to assist in effective AD management (C.5.7.1.4.2).
• Deploy, develop, and maintain AD Group Policy Objects to ensure consistent application of computer/user security policies, to ease/streamline administration and support “Principle of Least Privilege” strategies (C.5.7.1.4.2).
• Enable/provide technical advice and/or support to assist in reporting AD account use violations and other security- related abuses and/or anomalies (C.5.7.1.4.2).
• Document AD-related issues and baseline changes. (C.5.7.1.4.2).
• Ensure proper configuration of New Technology File System (NTFS) shared folder resources are implemented in accordance with DoD/USAF/UAWC requirements to maintain the appropriate level of required security (C.5.7.1.4.2).
• Provide Network Basic Input/output System (NetBIOS) and Fully Qualified Domain Name IP address and host name resolution capabilities (C.5.7.1.4.2).
• Establish and maintain Windows-based authoritative “time” server hierarchy (C.5.7.1.4.2).
• Create and maintain standard operating procedures, maintenance checklists, monitor all performance and functionality of classified and unclassified networks, and provide accurate network drawings (C.5.7.1.4.2).
• Implement and maintain organization-specific configurations, security, and tracking independent from default or preconfigured COTS configurations, security implementations, or other settings (C.5.7.1.4.2).
• Implement multiple Redundant Array of Independent Disk (RAID) configurations to ensure high availability of server based UAWC resources (C.5.7.1.4.2).
• Employ DoD, Defense Information Systems Agency (DISA), and USAF guidance, instructions, and tools to maintain and operate a robust Public Key Encryption/Public Key Infrastructure (PKE/PKI) environment that supports two-party authentication for UAWC enclaves (C.5.7.1.4.2).
• Deploy/manage/maintain robust virtualization Infrastructure environments capable of supporting UAWC models & simulation unique systems supporting LVC environments and exercise events (C.5.7.1.4.2).
• Administer/deploy VMware virtualization technologies enabling centralized dynamic management of virtualized systems (C.5.7.1.4.2).
• Manage/maintain UAWC operational virtualized machines (VM) using industry standard hypervisors, including but not limited to current versions of VMware vSphere, Windows Server Hyper-V and/or Red Hat Enterprise Linux (C.5.7.1.4.2).
• Maintain/manage Cisco’s Unified Computing System (e.g., Hyperflex) environments and associated hardware supporting hyperconverged compute, memory as well as storage area network (SAN) (C.5.7.1.4.2).
• Deploy/manage/maintain robust virtual desktop infrastructure (VDI) capable of supporting on-premises UAWC exercises and events (C.5.7.1.4.2).
• Manage/maintain UAWC implemented Trusted-Thin client architecture providing access to cross-platform multi-classification desktop capabilities (C.5.7.1.4.2).
• Implement a reliable network management system (e.g., SolarWinds suite of tools) to centralize dynamic monitoring of core systems/services enabling straightforward proactive identification of abnormalities and performance issues (C.5.7.1.4.2).
• Conduct preventative maintenance inspections supporting proactive detection of device failures, negative system trends as well as reliable functionality and availability of core enterprise or customer provided services (C.5.7.1.4.2)
• For preventive and unscheduled maintenance inspections, provide reporting on observations, findings, and any corrective actions applied or recommended. Provide relevant metrics on results of inspections, identifying trends and recommendations to maintain or improve system performance (C.5.7.1.4.2).
• Maintain domain-wide, Windows-based software inventory. Develop queries used to support report of survey inquiries (C.5.7.1.4.2)
• Obtain and install all applicable software updates, security patches, and compliance orders while minimizing impact to the UAWC training environment (C.5.7.1.4.2).
• Organize mandatory software updates and security patches for deployment using enterprise level utilities, DoD and/or UAWC approved software (C.5.7.1.4.2).
• Collaborate with UAWC Information Assurance to ensure compliance remediation of resources/systems within operations area of responsibility (C.5.7.1.4.2).
• Advise UAWC on (C.5.7.1.4.2):
• Usage and viability of required software licenses.
• Capacity / performance levels of UAWC networks and provide recommendations to address known or anticipated shortfalls.
• Risk potential of critical systems, including single points of failure that could negatively affect continuous operations.
• Appropriate levels of spare hardware resources and resulting mission impact if levels are not maintained.
• Document specific recommendations provided, to include alternatives considered and rationale for recommended approach.
• Centrally manage and protect crucial resources through enterprise level backup and restoration of hardware and software systems (C.5.7.1.4.2).
• Utilize industry standards/tools to manage/maintain an enterprise backup solution supporting recovery restoral of core systems and essential data (C.5.7.1.4.2).
• Establish robust scheduled backups of critical servers, system data and shared folders ensuring configurations are in accordance with DoD/USAF/UAWC requirements and all associated appliances/hardware are monitored/maintained for optimum performance (C.5.7.1.4.2).
• Maintain appropriate host-based firewall and anti-virus configurations and implement applicable rules in accordance with DoD/USAF/UAWC requirements to best support operational events and exercises (C.5.7.1.4.2).
• Install and update system configurations based on applicable DoD, DISA (including Security Technical Implementation Guide [STIG]), and USAF security guidelines (C.5.7.1.4.2).
• UNIX/Linux Server Operations: The Contractor shall provide support for the UNIX/Linux functions including but not limited to application support (e.g., ACAS, OpenRMF, vCenter) on Red Hat Linux and/or other Linux/UNIX base appliances (C.5.7.1.4.2)
• Administer Assured Compliance Assessment Solutions (ACAS) by performing system vulnerability scans and risk assessments as mandated by DoD/USAF/USAFE/UAWC IA policy standards. Accomplish the following to maintain the UAWC’s Simulation Support Common Environment and its individual workstation components including, but not limited to (C.5.7.1.4.2):
• Design and implement a common computing environment that will support research and development for current and future simulation models.
• Ensure the environment meets all DoD security and data protection standards.
• Provide on-the-job training to military and civilian personnel in network operations and maintenance activities.
• Engineer interfaces for tactical communications systems to simulate UAWC simulations environment.
• Develop and update network diagrams and other configuration documents to include, but not limited to: provide detailed information (e.g., serial number, physical location, software version, end-of-life dates, maintenance/warranty status, etc.) for assigned network devices; record information in the approved location; assist in directly updating diagrams and other configuration documents; initiate document updates to reflect ongoing changes in accordance with UAWC plans and policies (C.5.7.1.4.2).
• Work in partnership with UAWC Communication Squadron network infrastructure, operations, Client Systems Technician (CST), and Information Assurance (IA) teams in remediating system security findings and ensuring systems comply with the latest Security Technical Implementation Guides (STIG) and have been approved for the intended network (C.5.7.1.4.2).
• Monitor system performance, identify, and submit innovative solutions to enhance existing Windows / Linux and network capabilities (C.5.7.1.4.2).
• In support of Modeling and Simulation (M&S), perform the following tasks (C.5.7.1.4.2):
• Support exercise core services or comparable technology with Linux and Windows software platforms in accordance with assigned projects, exercise plans, and designs.
• Provide Linux systems engineering/operations support to include building and deploying physical and virtual Linux servers and/or workstations, ensuring security updates are current with the latest security posture.
• Provide Windows Server operations support, to include Microsoft-based operating systems, virtual servers, and network topologies, and the integration of specialized applications for local exercise, testing, experiments, and remote exercise use.
• In support of the 19th EWS Electronic Warfare Threat to Air Operations (EW TTAO) and Live- Synthetic-Blended (LSB) mission set, perform all applicable system engineering support requirements listed above for the following 19th EWS unique training systems (C.5.7.1.4.2):
• POLYGONE Coordination Center (PCC) IT systems in garrison at Bann, Germany.
• IT portion of all 19th EWS and POLYGONE threat replication systems in garrison at Bann, Germany.
• Multinational Aircrew LSB Training System (MALTS) IT systems in garrison Bann, Germany (Primary) and travel as required in support of 19th EWS mobile mission (Secondary).
• Multinational Aircrew LSB Training System Deployable (MALTS-D) IT systems in garrison Bann, Germany (Primary) and travel as required in support of 19th EWS mobile mission (Secondary).
• Adaptable Range Exercise System (ARES) laptops in garrison at Bann, Germany.
• Radio Over IP (ROIP) kits in garrison at Bann, Germany.
• Provide continuity technical training to government and contract personnel as directed (C.5.7.1.4.2).

Qualifications:

• Possess current DoD 8570.01-M IAT Level 2 Certification.
• Possess one of the following current certifications: VMware Certified Professional (VCP), Red Hat Certified System Administrator (RHCSA), Red Hat Certified Engineer (RHCE), Linux Professional Institute LPIC-1, Windows Server Hybrid Administrator Associate, or Azure Administrator Associate, Microsoft Certified System Administrator,
• Possess in-depth knowledge of Windows and/or Linux system administration and scripting.
• Possess a thorough understanding of Transmission Control Protocol (TCP)/Internet Protocol (IP) networks and unicast, broadcast and multicast network traffic.
• Experience developing engineering network solutions and technical diagrams, as well as providing port and protocol information for specified systems.
• Experience with databases, patch management, and networks including LAN and WAN.
• Excellent problem-solving skills.
• Proficient using MS Office including Word, PowerPoint, Excel, SharePoint, and Teams.
• Waiver of individual experience/qualification requirements will be addressed by UAWC on a case-by-case basis and approved by the AAS Defense COR or CO.

Physical Requirements:

• Ability to sit, stand and work for prolonged periods of time.
• Ability to lift up to 15 pounds.

ITility is an Equal Opportunity Employer:
ITility is committed to providing a work environment that is non-discriminatory, harassment free, fair, ethical and inclusive.
ITility is committed to the principle of equal employment opportunity, and complies with all applicable laws which prohibit discrimination and harassment in the workplace. ITility strictly prohibits discrimination or harassment based on race, color, religion, national origin, sex, age, disability or any other characteristic protected by law in all terms, conditions and privileges of employment, including without limitation, recruiting, hiring, assignment, compensation, promotion, discipline and termination. This policy covers conduct occurring at ITility’s offices, client sites, other locations where ITility is providing services, and to all work-related activities

• Provide enterprise level system administration across multiple exercise enclaves enabling UAWC’s mission of providing accurate live, virtual/constructive (LVC) warfighter training (C.5.7.1.4.2).
• Active Directory Services (ADS): Manage/maintain Windows Server operations and core applications/systems (e.g., ADS, DNS, DHCP, centralized print services, email, and chat programs) or comparable services by directly leveraging Windows, Linux, and virtual environments in support of UAWC projects, exercise plans, and designs (C.5.7.1.4.2).
• Support Microsoft-based operating systems, Linux/UNIX based appliances, and LAN technologies, as well as the integration of specialized applications for permanent party, local exercise, and remote exercise use (C.5.7.1.4.2).
• Engineer, implement, and maintain Active Directory (AD) domain, Microsoft Windows, UNIX, and Linux client/server operating systems (C.5.7.1.4.2).
• Implement and oversee an aggressive “Principle of Least Privilege” strategy in accordance with Chairman of the Joint Chiefs of Staff and USAF guidelines. Examples may include AFMAN 17- 1301 section 4.2.2.6 and Committee on National Security Systems (CNSSI) 4009 (C.5.7.1.4.2).
• Coordinate and implement AD configuration changes in accordance with DoD/USAF/UAWC and/or industry standards as well provide technical input for security accreditation efforts, as needed.
• Provide guidance on AD user, computer, and group creation, including naming conventions and long-term disposition (C.5.7.1.4.2).
• Utilize at need industry standard command-interpreter scripting capabilities to assist in effective AD management (C.5.7.1.4.2).
• Deploy, develop, and maintain AD Group Policy Objects to ensure consistent application of computer/user security policies, to ease/streamline administration and support “Principle of Least Privilege” strategies (C.5.7.1.4.2).
• Enable/provide technical advice and/or support to assist in reporting AD account use violations and other security- related abuses and/or anomalies (C.5.7.1.4.2).
• Document AD-related issues and baseline changes. (C.5.7.1.4.2).
• Ensure proper configuration of New Technology File System (NTFS) shared folder resources are implemented in accordance with DoD/USAF/UAWC requirements to maintain the appropriate level of required security (C.5.7.1.4.2).
• Provide Network Basic Input/output System (NetBIOS) and Fully Qualified Domain Name IP address and host name resolution capabilities (C.5.7.1.4.2).
• Establish and maintain Windows-based authoritative “time” server hierarchy (C.5.7.1.4.2).
• Create and maintain standard operating procedures, maintenance checklists, monitor all performance and functionality of classified and unclassified networks, and provide accurate network drawings (C.5.7.1.4.2).
• Implement and maintain organization-specific configurations, security, and tracking independent from default or preconfigured COTS configurations, security implementations, or other settings (C.5.7.1.4.2).
• Implement multiple Redundant Array of Independent Disk (RAID) configurations to ensure high availability of server based UAWC resources (C.5.7.1.4.2).
• Employ DoD, Defense Information Systems Agency (DISA), and USAF guidance, instructions, and tools to maintain and operate a robust Public Key Encryption/Public Key Infrastructure (PKE/PKI) environment that supports two-party authentication for UAWC enclaves (C.5.7.1.4.2).
• Deploy/manage/maintain robust virtualization Infrastructure environments capable of supporting UAWC models & simulation unique systems supporting LVC environments and exercise events (C.5.7.1.4.2).
• Administer/deploy VMware virtualization technologies enabling centralized dynamic management of virtualized systems (C.5.7.1.4.2).
• Manage/maintain UAWC operational virtualized machines (VM) using industry standard hypervisors, including but not limited to current versions of VMware vSphere, Windows Server Hyper-V and/or Red Hat Enterprise Linux (C.5.7.1.4.2).
• Maintain/manage Cisco’s Unified Computing System (e.g., Hyperflex) environments and associated hardware supporting hyperconverged compute, memory as well as storage area network (SAN) (C.5.7.1.4.2).
• Deploy/manage/maintain robust virtual desktop infrastructure (VDI) capable of supporting on-premises UAWC exercises and events (C.5.7.1.4.2).
• Manage/maintain UAWC implemented Trusted-Thin client architecture providing access to cross-platform multi-classification desktop capabilities (C.5.7.1.4.2).
• Implement a reliable network management system (e.g., SolarWinds suite of tools) to centralize dynamic monitoring of core systems/services enabling straightforward proactive identification of abnormalities and performance issues (C.5.7.1.4.2).
• Conduct preventative maintenance inspections supporting proactive detection of device failures, negative system trends as well as reliable functionality and availability of core enterprise or customer provided services (C.5.7.1.4.2)
• For preventive and unscheduled maintenance inspections, provide reporting on observations, findings, and any corrective actions applied or recommended. Provide relevant metrics on results of inspections, identifying trends and recommendations to maintain or improve system performance (C.5.7.1.4.2).
• Maintain domain-wide, Windows-based software inventory. Develop queries used to support report of survey inquiries (C.5.7.1.4.2)
• Obtain and install all applicable software updates, security patches, and compliance orders while minimizing impact to the UAWC training environment (C.5.7.1.4.2).
• Organize mandatory software updates and security patches for deployment using enterprise level utilities, DoD and/or UAWC approved software (C.5.7.1.4.2).
• Collaborate with UAWC Information Assurance to ensure compliance remediation of resources/systems within operations area of responsibility (C.5.7.1.4.2).
• Advise UAWC on (C.5.7.1.4.2):
• Usage and viability of required software licenses.
• Capacity / performance levels of UAWC networks and provide recommendations to address known or anticipated shortfalls.
• Risk potential of critical systems, including single points of failure that could negatively affect continuous operations.
• Appropriate levels of spare hardware resources and resulting mission impact if levels are not maintained.
• Document specific recommendations provided, to include alternatives considered and rationale for recommended approach.
• Centrally manage and protect crucial resources through enterprise level backup and restoration of hardware and software systems (C.5.7.1.4.2).
• Utilize industry standards/tools to manage/maintain an enterprise backup solution supporting recovery restoral of core systems and essential data (C.5.7.1.4.2).
• Establish robust scheduled backups of critical servers, system data and shared folders ensuring configurations are in accordance with DoD/USAF/UAWC requirements and all associated appliances/hardware are monitored/maintained for optimum performance (C.5.7.1.4.2).
• Maintain appropriate host-based firewall and anti-virus configurations and implement applicable rules in accordance with DoD/USAF/UAWC requirements to best support operational events and exercises (C.5.7.1.4.2).
• Install and update system configurations based on applicable DoD, DISA (including Security Technical Implementation Guide [STIG]), and USAF security guidelines (C.5.7.1.4.2).
• UNIX/Linux Server Operations: The Contractor shall provide support for the UNIX/Linux functions including but not limited to application support (e.g., ACAS, OpenRMF, vCenter) on Red Hat Linux and/or other Linux/UNIX base appliances (C.5.7.1.4.2)
• Administer Assured Compliance Assessment Solutions (ACAS) by performing system vulnerability scans and risk assessments as mandated by DoD/USAF/USAFE/UAWC IA policy standards. Accomplish the following to maintain the UAWC’s Simulation Support Common Environment and its individual workstation components including, but not limited to (C.5.7.1.4.2):
• Design and implement a common computing environment that will support research and development for current and future simulation models.
• Ensure the environment meets all DoD security and data protection standards.
• Provide on-the-job training to military and civilian personnel in network operations and maintenance activities.
• Engineer interfaces for tactical communications systems to simulate UAWC simulations environment.
• Develop and update network diagrams and other configuration documents to include, but not limited to: provide detailed information (e.g., serial number, physical location, software version, end-of-life dates, maintenance/warranty status, etc.) for assigned network devices; record information in the approved location; assist in directly updating diagrams and other configuration documents; initiate document updates to reflect ongoing changes in accordance with UAWC plans and policies (C.5.7.1.4.2).
• Work in partnership with UAWC Communication Squadron network infrastructure, operations, Client Systems Technician (CST), and Information Assurance (IA) teams in remediating system security findings and ensuring systems comply with the latest Security Technical Implementation Guides (STIG) and have been approved for the intended network (C.5.7.1.4.2).
• Monitor system performance, identify, and submit innovative solutions to enhance existing Windows / Linux and network capabilities (C.5.7.1.4.2).
• In support of Modeling and Simulation (M&S), perform the following tasks (C.5.7.1.4.2):
• Support exercise core services or comparable technology with Linux and Windows software platforms in accordance with assigned projects, exercise plans, and designs.
• Provide Linux systems engineering/operations support to include building and deploying physical and virtual Linux servers and/or workstations, ensuring security updates are current with the latest security posture.
• Provide Windows Server operations support, to include Microsoft-based operating systems, virtual servers, and network topologies, and the integration of specialized applications for local exercise, testing, experiments, and remote exercise use.
• In support of the 19th EWS Electronic Warfare Threat to Air Operations (EW TTAO) and Live- Synthetic-Blended (LSB) mission set, perform all applicable system engineering support requirements listed above for the following 19th EWS unique training systems (C.5.7.1.4.2):
• POLYGONE Coordination Center (PCC) IT systems in garrison at Bann, Germany.
• IT portion of all 19th EWS and POLYGONE threat replication systems in garrison at Bann, Germany.
• Multinational Aircrew LSB Training System (MALTS) IT systems in garrison Bann, Germany (Primary) and travel as required in support of 19th EWS mobile mission (Secondary).
• Multinational Aircrew LSB Training System Deployable (MALTS-D) IT systems in garrison Bann, Germany (Primary) and travel as required in support of 19th EWS mobile mission (Secondary).
• Adaptable Range Exercise System (ARES) laptops in garrison at Bann, Germany.
• Radio Over IP (ROIP) kits in garrison at Bann, Germany.
• Provide continuity technical training to government and contract personnel as directed (C.5.7.1.4.2)