Job Titles:
Role 1: Security Architect - IAM
Role 2: Security Architect - Cyber Security Operations (SecOps)
Location: Melbourne
Employment Type: Contract
Contract Length: 6-month initial contract
Summary
Opportunity to join a premier enterprise Architecture & Delivery team to steer critical, high-impact security initiatives across an evolving digital landscape. We are seeking two technical leaders—one specialising in Identity and Access Management (IAM) and another in Cyber Security Operations (SecOps)—to embed security-by-design, Zero Trust principles, and resilient end-to-end solutions from conceptual design to operational handover. Operating under a hybrid model with 50% office attendance over a fortnight, both roles aim to drive business scalability, achieve regulatory compliance, and deploy advanced security patterns by collaborating closely with cross-functional delivery streams, enterprise architects, and senior technology partners.
Key Criteria for Roles
Role 1: Security Architect - IAM
Experience: 8+ years of professional experience in IT solution design, build, or delivery, with 5+ years dedicated to IT Security, IAM, IGA, PAM, and cloud security environments.
Identity & Access Technology: Expert hands-on experience with Entra ID (including Conditional Access Policies, Connect, B2B/B2C, ZTNA, Graph API) and Okta SSO (SAML, OIDC, OAuth).
Governance & Privileged Access: Strong architectural knowledge of IGA platforms (SailPoint, One Identity, or Saviynt) and PAM architectures (CyberArk or Beyond Trust).
Frameworks & Infrastructure: Proven understanding of identity-specific threat modelling, DevSecOps mindsets, and frameworks such as MITRE ATTCK and NIST AI RMF across hybrid cloud structures (VMware, AWS, Azure, GCP).
Education & Certification: Tertiary qualification in IT, Engineering, or a related field, combined with an industry standard certification such as CISSP.
Role 2: Security Architect - Cyber Security Operations (SecOps)
Experience: 8+ years of professional experience in IT solution delivery or design, with 5+ years focused on SIEM, SOAR, Vulnerability Management, and Continuous Threat & Exposure Management (CTEM).
SecOps & Automation Technology: Direct experience architecting and implementing solutions using Microsoft Unified SecOps Platforms, Microsoft Sentinel, Microsoft Defender XDR, and Splunk ES/SOAR.
Cloud Security Assurance: Technically proficient in securing hybrid cloud environments using native and third-party CASB, M365 E5 Security Services, Intune MDM, and Cloud Workload Protection platforms.
Frameworks & Framework Standards: Comprehensive knowledge of security and architecture frameworks including TOGAF, SABSA, MITRE Atlas, NIST RMF, ISO 27001, ISM, and ASD Essential 8.
Education & Certification: Tertiary qualification in IT, Computing, or Engineering, with highly regarded certifications such as CISSP, AWS Security Specialty, Microsoft AZ-500, or Microsoft SC-100.
Key Responsibilities
Role 1: Security Architect - IAM
Architect and implement modern identity and access management (IAM) models leveraging Entra ID, Ping Identity, and auxiliary technologies.
Deliver secure solution architecture artefacts (such as SAR, SOAP, and NFRs) tailored for identity portfolio epics.
Design and enforce robust network validation and enterprise authentication policies, including SSO, MFA, Conditional Access, and Passwordless Authentication.
Lead enterprise migrations involving legacy infrastructure upgrades, Exchange transitions, and broad application onboarding to Entra ID.
Govern and design solutions for Privileged Identity Management (PIM) and Privileged Access Management (PAM) to secure elevated credentials.
Automate identity lifecycle processes (Joiner-Mover-Leaver) and configure rigid RBAC models and compliance access reviews.
Role 2: Security Architect - Cyber Security Operations (SecOps)
Define the secure implementation strategy and construct security controls aligned with Microsoft Azure and M365 E5 Security Services.
Architect and implement SecOps solutions using Microsoft Defender, Microsoft Sentinel, Unified SecOps Platform, Microsoft Security Copilot, and Splunk ES/SOAR.
Deliver end-to-end solution architectures and architecture documentation for assigned SecOps portfolio epics.
Integrate and optimize Azure Sentinel to advance threat detection capabilities, incident response mechanisms, and AI security defense analytics.
Develop and maintain security policies, data loss prevention (DLP), data retention guidelines, and overarching compliance frameworks.
Formulate reference architectures and long-term capabilities roadmaps encompassing SIEM, SOAR, Threat Intel, Forensics, and Exposure Management.
If this sounds like you, someone you know, or you're ready for a confidential chat regarding your next career step, then apply below and/or send your email to nick.shannon@randstaddigital.com.au. All applications will be reviewed, however due to large demand, detailed feedback may not always be possible.
...
