Principal System Administrator/ISSE

Job Description
We put our customers first - exemplified by our missions: "We Protect Those Who Protect Us®" and "We Innovate for Those Who Move the World." Sound like a team you want to be a part of? Come build your career with BAE Systems.
BAE Systems is seeking a highly trained and motivated Principal Closed Area Systems Administrator/Information Security Engineer to help lead SIPRNET related tasks and manage classified IT infrastructure operations in support of national security missions. This role is pivotal in ensuring the integrity, security, and availability of systems operating within Sensitive Compartmented Information Facilities (SCIFs) or other closed environments. You will serve as the technical lead for IT services, security compliance, and infrastructure readiness across high-impact, mission-critical programs.

In this role, you will be joining a team supporting internal customers, designing, implementing and managing lab infrastructure to meet the customer requirements while making impacts in the following ways;

• Build, configure, administer and troubleshoot Windows (and Linux) servers and user workstation hardware and software; design and implement workgroup-scale networks; build and manage authentication, file-share, and other collaboration servers to support groups of heterogeneous client systems.
• Prepare for audits and inspections , stand ups and configurations related to SIPRNET
• Work with facilities security staff to develop and apply hardening steps for systems for classified use
• Install and configure Trellix (McAfee) Linux Agents for endpoint protection and ePO integration.
• Deploy and configure Splunk Universal Forwarders on Linux systems; manage log ingestion and index routing.
• Reset LDAP BIND credentials within Splunk, ensuring connectivity and access control integration.
• Perform VCSA (vCenter Server Appliance) patching and lifecycle operations.
• Apply updates to VMware ESXi hosts, ensuring host profile compliance and uptime.
• Access and navigate the ESXi Direct Console User Interface (DCUI) for low-level host management.
• Perform Exchange operations in a classified environment including user mailbox creation, troubleshooting, and routine maintenance.
• Manage and maintain NetApp storage systems, including volumes, snapshots, and secure protocols.
• Operate in VMware vSphere environments, including provisioning, performance monitoring, and resource management.
• Install, configure, and maintain WSUS (Windows Server Update Services) for enterprise Windows patching.
• Document system configuration for new and existing systems. Experience with centralized authentication technologies such as LDAP and Active Directory domains in supporting (Windows/Linux) cross-platform clients is desirable.

Required Education, Experience, & Skills

• U.S. Citizenship as required by contract and an active U.S. Secret Security Clearance
• CompTIA Security+ or equivalent DoD 8570 IAT Level II certification
• SIPRNET Experience
• Experience with ACAST security
• 7+ years of experience (4+ years of experience with a degree) of relevant information technology or information security experience
• Experience with Trellix/McAfee agent installation and EPO integration.
• Hands-on expertise with Splunk Universal Forwarders, indexers, and LDAP integration.
• Experience with VMware infrastructure, including vCenter, VCSA, ESXi, and DCUI access.
• Working knowledge of Microsoft Exchange administration.
• Familiarity with NetApp management tools and SAN/NAS storage concepts.
• Solid experience operating within vSphere environments in mission-critical settings.
• Proficiency in Active Directory, including user/group management, OU structure, and GPOs.
• Hands-on experience with desktop system support (Windows OS) and endpoint hardening.
• Experience managing virtualized server environments (VMware or Hyper-V).
• Familiarity with monthly patching procedures, SCCM/WSUS, and vulnerability remediation.
• Strong documentation skills and familiarity with change/configuration management practices.

Because of the need for consistent, in-person collaboration and/or the requirement to perform all work onsite due to the nature of this role, it will be performed full-time on site. This means work will be conducted on location at a BAE Systems facility 100% of the time.

Preferred Education, Experience, & Skills

• Bachelor's Degree
• Certified Information Systems Security Professional (CISSP) certification
• Top Secret Security Clearance
• Experience in enterprise level Windows Server operating environments, including Windows Active Directory, Group Policy Management, SharePoint, Exchange services.
• Experience with TCP/IP and Microsoft Networking concepts would also be required, as well as Windows and Unix/Linux interoperability services (e.g. centralized authentication technologies for cross-platform clients) and Windows shell scripting.
• Virtual machine (VM) technologies (ESXi, VCenter, VSphere)
• NetApp Management
• PXE and WDS automated system installation technologies
• Automated backup systems
• Windows Server Administration
• Powershell scripting
• Configuration management tools (Subversion, ClearCase

Pay Information
Full-Time Salary Range: $107359 - $182510

Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

About BAE Systems Electronic Systems
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve.

This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.