Public Key Infrastructure (PKI) & Windows Server Administrator

Position Overview

We are seeking an experienced Public Key Infrastructure (PKI) & Windows Server Administrator to support a federal agency’s enterprise IT environment in Bethesda, MD.

This role is primarily responsible for the administration, operations, and modernization of enterprise PKI services, while also providing hands-on Windows Server and Active Directory support due to cross-functional operational requirements.

The selected candidate will join the O&M team and participate in a 24/7 on-call rotation, supporting mission-critical infrastructure.

Key ResponsibilitiesPKI Infrastructure Administration

• Operate and maintain enterprise PKI infrastructure, including multi-tier Microsoft Active Directory Certificate Services (AD CS).
• Administer and manage Hardware Security Modules (HSMs).
• Perform certificate lifecycle management: issuance, renewal, revocation, validation, and auditing.
• Support smart card authentication and certificate-based authentication solutions.
• Implement and maintain secure email (S/MIME), mTLS, and system-to-system certificate integrations.
• Ensure PKI services comply with federal security frameworks and industry best practices.
• Support modernization and migration of PKI services to secure cloud-based architectures.

Windows Server & Active Directory Administration (Mandatory)

• Administer and maintain Windows Server environments (patching, upgrades, hardening, backup, automation).
• Manage and support Active Directory (GPOs, DNS, replication, trusts, identity integration).
• Ensure high availability, performance optimization, and system security.
• Provide cross-platform certificate integration support (Windows & non-Windows systems).
• Troubleshoot server, authentication, and infrastructure issues in production environments.

Operational Support

• Participate in 24/7 on-call rotation.
• Provide on-site support for physical PKI infrastructure in the DC Metro area.
• Support audit preparation, compliance validation, and security documentation.
• Work closely with cybersecurity, cloud, and network teams to ensure secure enterprise integration.

Required Qualifications

• 5+ years of hands-on experience in Windows Server Administration.
• 3+ years of direct experience managing enterprise PKI infrastructure.
• Strong experience with:
• Microsoft Active Directory Certificate Services (AD CS)
• Active Directory administration
• Windows Server (2016/2019/2022)
• Certificate lifecycle management
• HSM management
• Experience supporting federal compliance frameworks (FISMA, NIST, etc.).
• Ability to support on-site infrastructure in Bethesda, MD (within 50-mile radius).
• Experience supporting mission-critical O&M environments.
• Ability to participate in 24/7 on-call rotation.

Preferred Qualifications

• Experience with PKI cloud migration (Azure, AWS, or hybrid architectures).
• Experience with smart card/PIV authentication in federal environments.
• Experience integrating PKI with non-Windows platforms (Linux, network devices, applications).
• Security hardening and automation experience (PowerShell scripting preferred).

Preferred Certifications (Not Required)

• GIAC Certifications (GSEC, GCED, GCWN, etc.)
• ISC2 Certifications (CISSP, SSCP, etc.)
• Microsoft Certifications (Windows Server / Identity & Access)

Security Requirements

• Must be able to pass federal background investigation requirements.
• U.S. Citizenship may be required based on contract.

Job Type: Full-time

Pay: $65.00 - $85.00 per hour

Expected hours: 40 per week

Benefits

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

Work Location: In person