We are seeking a technically skilled and security-conscious Identity and Access Engineer to join our Platform Services team. This role is central to maintaining secure, scalable, and modern identity services across the department. The team are also responsible for Windows Server environments, security tools and privileged access management, which this role will contribute to. You will work closely with colleagues across the ICT area and business areas in a dynamic and collaborative environment. Requirements Key duties and responsibilities Support and maintain enterprise identity management platforms including Microsoft Identity Manager (MIM), Unify Broker. Contribute to the support and maintenance of Privileged Access Management (PAM) solutions such as CyberArk and Secret Server. Provide broad operational support for Windows Server environments, including SCOM, MECM and AD. Undertake troubleshooting and provide advice to stakeholders on identity and access issues and workflows. Collaborate with infrastructure, cyber, HR and application teams to deliver secure identity services. Drive continual improvement of identity and access workflows, models and configurations to improve security posture and user experience. Create and contribute to quality documentation such as change records, procedures, designs, security assessments and knowledge articles. Actively share knowledge and support the upskilling of staff within the team. Essential criteria 1.Experience with IAM and PAM principles, access governance and access control, including knowledge and experience with IAM technology such as MIM, Unify Broker and EntraID. 2.Detailed Windows Server understanding and experience including Active Directory, Entra ID, DNS, PKI, ADFS, File and Print, DFS, Microsoft System Centre products and Intune (SCOM, SCCM/MECM) and GPO with Advanced Group Policy Management (AGPM) 3.Understanding of Cyber Security tools and methodologies including application whitelisting, host-based firewalls, vulnerability scanners and device control Desirable criteria 1.Understanding of Australian Government Cyber Security requirements, processes and artefacts including ISM, Essential 8 and ACSC hardening guides 2.Experience contributing to improving identity and access management approach and outcomes. 3.Strong experience in writing technical documentation including SOPs and design documentation.
