Job details
We are seeking a technically skilled and security-conscious Identity and Access Engineer to join our Platform Services team. This role is central to maintaining secure, scalable, and modern identity services across the department. The team are also responsible for Windows Server environments, security tools and privileged access management, which this role will contribute to. You will work closely with colleagues across the ICT area and business areas in a dynamic and collaborative environment.
Key duties and responsibilities
- Maintain and manage enterprise identity management platforms including Microsoft Identity Manager (MIM) and Unify Broker.
- Undertake troubleshooting and provide advice to stakeholders on identity and access issues and workflows, with a focus on MIM and integration with the HR system.
- Drive continual improvement of identity and access workflows, models and configurations to improve security posture and user experience.
- Collaborate with infrastructure, cyber security, HR and application teams to deliver secure identity services.
- Contribute meaningfully to strategic planning and decision-making regarding identity and access management strategies, governance and roadmaps.
- Create and contribute to quality documentation such as change records, procedures, designs, security assessments and knowledge articles.
- Actively share knowledge and support the upskilling of staff within the team.
- May contribute to the support and maintenance of Privileged Access Management (PAM) solutions such as CyberArk and Secret Server and broader server management activities.
Technical skills
Please only present candidates with expert-level experience with Microsoft Identity Manager (MIM) as specified in the essential criteria. Applications and CVs without this skill will not be considered.
Essential criteria
1. Over 5 years of expert-level experience and demonstrated hands-on proficiency with core IAM technologies, including Microsoft Identity Manager (MIM), Unify Broker, advanced PowerShell scripting for automation and integration, and Entra ID for modern identity solutions.
2. Strategic understanding of access governance and access control in a complex government environment, and the ability to contribute productively to strategic planning. These capabilities are essential, as the staff member's primary responsibility will be managing identity and access integration with the Human Resources (HR) system and account provisioning using MIM and Unify Broker technologies.
3. Demonstrated ability to mentor and upskill staff.
Desirable criteria
1. Understanding of Cyber Security tools and methodologies including application whitelisting, host-based firewalls, vulnerability scanners and device control.
2. Understanding of Australian Government Cyber Security requirements, processes and artefacts including ISM, Essential 8 and ACSC hardening guides.
3. Strong experience in writing technical documentation including SOPs and design documentation.
4. Experience in Windows Server environment maintenance including Active Directory, Entra ID, DNS, PKI, ADFS, File and Print, DFS, Microsoft System Center products (SCOM, SCCM/MECM), Intune, and GPO with Advanced Group Policy Management (AGPM).
Security clearance: minimum Baseline