Senior Security Engineer - Active Directory and Entra ID

PSE is Washington's largest Energy Company, serving over a million electric customers and over 800,000 natural gas customers.

The Identity Services Group is responsible for designing, deploying, and supporting PSE's enterprise IT systems. This includes our corporate network used by nearly 3,300 employees and 11,000 service accounts. We focus on enterprise solutions, productivity tools, and IT systems integration which helps move all of PSE's businesses forward.

As part of the Identity Services Group, a key responsibility is ensuring all Active Directory services are available and functional. We are also managing the lifecycle of the Infrastructure enterprise systems and the security components.

We are seeking a skilled and experienced Senior Security Engineer in Windows Active Directory (AD) Engineer and Entra ID to design, implement, secure, and maintain our enterprise environment. This role requires deep expertise in AD Group Policy Management and RBAC Design, DNS, ACL management, and integration with identity-related services and strong knowledge of Administrative Roles, Conditional Access Policies, IAM Administration and Design, and PIM within EntraID & Azure. The ideal candidate will also support the organization's efforts to modernize and secure its identity infrastructure.

As PSE modernizes our infrastructure, there will also be an opportunity to lead the implementation of PKI across the organization. This role is hybrid and required to work in the office at least half the time. PSE has a broad range of offices around our service territory.

• Troubleshoots and investigates straightforward problems independently.
• Intuitively grasps familiar, stable system performance situations.
• Responds to unfamiliar, undefined, unexpected, or unstable situations with the professionally prescribed standard response.
• Assists in development and implementation of Security systems and provides input into overall application design, including automated testing tools.
• Conducts studies and performance analyses and recommends changes.
• May function in a lead capacity within department and represent department in workflow and escalation discussions with others.
• Researches best practices for IT Security. Presents solutions and options for clients.
• Leads implementation and deployment efforts on intermediate projects.
• Participates in mid- to long-term security systems planning.
• Provides cost/benefit analysis on intermediate projects.
• Works with project manager to develop realistic work estimates, financial budgets, and project schedules. Reviews project deliverables for accuracy and provides assistance and mentoring to others.
• Designs IT security systems and/or interfaces to external networks.
• Evaluates and monitors PSE IT information flow and settings, ensuring compliance with IT security policies and architecture standards/guidelines.
• Evaluates security gaps and operational functionality of third-party product architecture and processes and provides effective solutions that bridge gaps and provide confidentiality, integrity, and availability of systems.
• Ensures internal and external security as well as adherence to compliance standards.
• Participates in evaluation of vendor proposals.
• Manages vendor/contractor relationships for assigned projects.
• Updates or creates documentation based on work performed.
• Works with IT professionals and managers, primarily within own segment.
• Proficiently applies IT methods, professional knowledge and PSE standards and practices to complex tasks and situations.
• Effective in relationships with business partners, professional peers, and other team members.
• Coaches less experienced IT professionals.
• Operates under general direction.
• Performs other duties as assigned.

• Two (2) year degree or certification in a technology-related field or equivalent combination of education, work experience or relevant military experience, and at least four (4) years of experience in related field.
• Four (4) years of directly related experience specifically in IT security technologies.
• Intermediate knowledge of information security concepts.
• Knowledge of security controls for servers and workstations.
• Understanding of various operating environments, e.g. Unix, Windows, Linux, Cisco IOS, AIX, Cisco UCS, VMWare.
• Highly skilled with extensive level of proficiency.
• Strong customer service and communications skills.
• Effective in relationships with business partners, professional peers, and other team members.

• Undergraduate degree.
• Customer centric focus with demonstrated ability to apply insights to meet customer technology needs and improve IT maturity.
• Proven experience working independently and/or in a team environments to deliver on initiatives.
• Demonstrated ability to drive for results to deliver against commitments.
• Growth mindset to rapidly learn new skills and be able to collaborate to deliver creative IT solutions.
• Solid verbal and written communications skills; ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding.
• Ability to effectively adapt to and apply rapidly changing technology to business needs.
• Knowledge and understanding of business needs, with the ability to establish and maintain a high level of customer trust and confidence.
• Proven ability to work under stress in emergencies; flexibility to handle pressure coming from all directions at one time.
• Strong analytical and problem-solving skills.
• Strong customer focus and ability to manage client expectations.
• Highly desirable are certifications in one or more of the following:
  
  
  
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • SANS-GIAC certifications family
  • Security Plus
  
  
  
  
• Familiar with regulatory compliance efforts such as PCI, Sarbanes-Oxley, or NERC-CIP.
• Familiar with NIST security policy and ability to review against security architecture technical requirements.