We are seeking a specialist Identity Engineer to lead the design, implementation, and optimisation of Identity and Access Management (IAM) across a large-scale government cloud environment. This role is focused on fortifying the "identity perimeter" using Microsoft Entra (Azure AD) and driving critical least-privilege uplift initiatives.
MANDATORY REQUIREMENTS: Security Clearance
- Security Clearance: You MUST hold an active AGSVA Baseline Clearance. Candidates holding an NV1 clearance (or those eligible to obtain one) are highly preferred.
- Applications not meeting these specific government requirements cannot be considered.
The Role
As an Identity Engineer, you will be the primary architect of access control. You will move beyond simple user management to design complex RBAC models, remediate privileged access, and ensure that every identity, whether human or machine, operates under the principle of least privilege.
Key Responsibilities:
- Entra ID Management: Design and maintain advanced IAM solutions using Microsoft Entra (Azure AD) for users, applications, and services.
- RBAC Architecture: Design and refine Role-Based Access Control models that align with both technical requirements and granular business logic.
- Least-Privilege Uplift: Lead proactive initiatives to identify excessive permissions, performing deep-dive clean-ups of high-risk accounts and entitlements.
- IAM Pattern Development: Author and document reusable IAM patterns to standardise how identities are onboarded and managed across cloud and DevOps workflows.
- Privileged Access Remediation: Execute the remediation of privileged access, ensuring that administrative roles are tightly controlled and audited.
- Collaboration & Governance: Partner with security and platform teams to embed identity controls into CI/CD pipelines and support continuous identity governance and access reviews.
- Technical Advisory: Act as a Subject Matter Expert (SME) on identity security standards, providing clear documentation and strategic recommendations to stakeholders.
Your Technical Profile
We are looking for a specialist with significant hands-on experience in modern identity stacks and a "security-first" mindset.
Technical Essentials:
- Microsoft Entra Mastery: Strong experience with Azure AD, including Conditional Access, Identity Protection, and App Registrations.
- Access Modelling: Proven ability to design and implement enterprise-grade RBAC and ABAC models in cloud-native environments.
- Remediation Expertise: Demonstrated success in assessing and stripping back over-permissioned identities and privileged roles.
- Identity Standards: Deep understanding of least-privilege principles, OAuth2, SAML, and OIDC.
- Communication: Exceptional stakeholder engagement skills, with the ability to explain the necessity of restrictive access controls to various teams.
Qualifications & Certifications:
- Highly Regarded: Microsoft Certifications in Identity and Access Administrator (SC-300) or Azure Security (AZ-500).
- Platform Integration: Experience integrating Entra ID with multi-cloud platforms (AWS/Azure), SaaS apps, and legacy enterprise systems.
- Industry Context: Previous experience working within the Australian Government or a similarly regulated sector.
At Randstad Digital, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.
...