Identity & Access Management Specialist – NV2 Required Defence Program | Canberra | Long-term Contract
A major Defence program is seeking an experienced Identity & Access Management (IAM) Specialist to strengthen authentication services, uplift identity governance, and secure complex AD and hybrid environments. This role sits within a high-assurance ecosystem and requires an active NV2 security clearance.
Key Responsibilities
* Provide expert advice on the design, configuration, and management of Active Directory (AD) and IAM platforms.
* Implement and maintain privileged access controls, GPOs, delegation models, and RBAC.
* Support remediation of audit, risk, and identity governance findings.
* Conduct access reviews, segregation-of-duties checks, and AD security hardening.
* Work with governance and risk teams to ensure compliance with ISM, PSPF, and Defence security requirements.
* Contribute to identity uplift initiatives across authentication, federation, and identity lifecycle management.
* Produce high-quality documentation, including standards, patterns, and runbooks.
About You
* Minimum of 5 years’ experience in cybersecurity or a related discipline, with the ability to work autonomously in secure environments.
* Deep expertise in Active Directory administration: domain/forest design, GPOs, trusts, delegation, and secure configurations.
* Strong understanding of Kerberos/NTLM, authentication flows, and directory hardening.
* Experience managing hybrid identity (AD + Azure AD/Entra ID).
* Skilled in identity federation (SAML, OAuth, OIDC) and MFA/Conditional Access.
* Strong knowledge of Privileged Access Management (PAM) tools (CyberArk, Delinea).
* Experience with identity lifecycle (JML), RBAC, and privileged access controls.
* Ability to investigate identity-related incidents, including credential abuse and authentication failures.
* Proficient in UNIX/Linux administration (user/group management, sudoers, SSH hardening, LDAP/Kerberos/SSSD/Winbind integration).
* Strong troubleshooting across Windows, Linux, and authentication ecosystems.
* Skilled in scripting and automation (PowerShell, Bash, APIs).
* Familiarity with key frameworks: ASD Essential Eight, ISO 27001, NIST CSF, CIS Controls.
Desirable
* Experience with Zero Trust identity, advanced AD security, or IGA platforms.
* Certifications such as CISSP, CISM, GIAC.
* Background in Defence
We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds.