Cyber Security Technical SME – Access Management

Identity & Access Management Specialist – NV2 Required Defence Program | Canberra | Long-term Contract

A major Defence program is seeking an experienced Identity & Access Management (IAM) Specialist to strengthen authentication services, uplift identity governance, and secure complex AD and hybrid environments. This role sits within a high-assurance ecosystem and requires an active NV2 security clearance.

Key Responsibilities

• Provide expert advice on the design, configuration, and management of Active Directory (AD) and IAM platforms.
  
  
• Implement and maintain privileged access controls, GPOs, delegation models, and RBAC.
  
  
• Support remediation of audit, risk, and identity governance findings.
  
  
• Conduct access reviews, segregation-of-duties checks, and AD security hardening.
  
  
• Work with governance and risk teams to ensure compliance with ISM, PSPF, and Defence security requirements.
  
  
• Contribute to identity uplift initiatives across authentication, federation, and identity lifecycle management.
  
  
• Produce high-quality documentation, including standards, patterns, and runbooks.

About You

• Minimum of 5 years’ experience in cybersecurity or a related discipline, with the ability to work autonomously in secure environments.
  
  
• Deep expertise in Active Directory administration: domain/forest design, GPOs, trusts, delegation, and secure configurations.
  
  
• Strong understanding of Kerberos/NTLM, authentication flows, and directory hardening.
  
  
• Experience managing hybrid identity (AD + Azure AD/Entra ID).
  
  
• Skilled in identity federation (SAML, OAuth, OIDC) and MFA/Conditional Access.
  
  
• Strong knowledge of Privileged Access Management (PAM) tools (CyberArk, Delinea).
  
  
• Experience with identity lifecycle (JML), RBAC, and privileged access controls.
  
  
• Ability to investigate identity-related incidents, including credential abuse and authentication failures.
  
  
• Proficient in UNIX/Linux administration (user/group management, sudoers, SSH hardening, LDAP/Kerberos/SSSD/Winbind integration).
  
  
• Strong troubleshooting across Windows, Linux, and authentication ecosystems.
  
  
• Skilled in scripting and automation (PowerShell, Bash, APIs).
  
  
• Familiarity with key frameworks: ASD Essential Eight, ISO 27001, NIST CSF, CIS Controls.
  

Desirable

• Experience with Zero Trust identity, advanced AD security, or IGA platforms.
  
  
• Certifications such as CISSP, CISM, GIAC.
  
  
• Background in Defence

We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds.