Senior Security Operations Engineer - IDAM

Senior Security Operations Engineer - IDAM Metcash is Australia’s leading wholesale distribution and marketing company with a diversified business across food, grocery, hardware and liquor sectors. The Senior Security Operations Engineer – IDAM is responsible for the management of Metcash IDAM landscape. As part of our maturity journey, we have a focus on identity and access management and building the framework of business processes, policies and technologies that facilitates the management of electronic or digital identities will be critical. Working closely across the IT function this role will drive collaboration and work with key stakeholders to ensure these technologies provide the ability to securely store identity and profile data as well as data governance functions to ensure that only data that is necessary and relevant is shared. In this Role

• IAM - Manage security controls for Azure AD, Active Directory, and Privileged Access Management (PAM) to enforce least privilege access.
• Develop, document, and implement IAM policies, processes, and technologies to meet business and security goals.
• Work with security architects, the Cyber Security team, and business stakeholders to design, implement, and optimize IAM products.
• Oversee user onboarding/offboarding, access provisioning, identity lifecycle management, and the enforcement of modern access management platforms like SSO, MFA, and PAM.
• Manage, configure, and optimize the PAM solution, including conditional access policies and privileged account management.
• Conduct audits, identify vulnerabilities, assess risks, and mitigate threats by understanding user access controls and authentication complexities on modern platforms.
• Lead incident response efforts for security incidents across on-prem and cloud environments, including containment, eradication, and recovery.
• Develop and maintain incident response plans and playbooks.
• Ensure compliance with industry standards and regulations (e.g., SOCI, ASD Essential 8, NIST).
• Implement and manage Azure Policy and Compliance practices to enforce governance across business environments.
• Collaborate with DevOps teams to automate security workflows and identity lifecycle events, such as onboarding/offboarding, user access reviews, and reporting.
• Provide leadership to DevOps, IT operations, and project teams to integrate security throughout the development and deployment lifecycle.
• Work with the Head of Security Operations to develop technical capabilities, foster a high-performing technical culture, and drive security outcomes across teams.

You’re Likely a Match If

• Bachelor’s degree in information technology, cyber security, or relevant industry experience.
• Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate (CS300), AZ-500, Azure Security Engineer Associate, or product-specific certifications from Identity software (Okta, SailPoint, Ping, etc.).
• Experience in Identity and Access Management (IAM), maturing programs, including policy, standards, processes, and service definition, from concept to implementation.
• Over 6 years of hands-on experience in IAM technologies such as SailPoint, Okta (SSO), Thycotic, BeyondTrust (PAM), MFA, and Active Directory (on-prem & Azure).
• Strong people and leadership skills, with the ability to act as the IAM subject matter expert.
• Team-oriented, collaborative, and able to build relationships with individuals at all levels.
• Effective communicator, able to present complex concepts clearly in both formal and informal settings, both verbally and in writing.
• Ability to communicate technical concepts to non-technical stakeholders.
• Analytical mindset with the ability to solve complex problems and implement practical, effective solutions using logical methods.
• Strong troubleshooting skills to identify the root cause of system failures and report IAM service performance metrics.
• Well-grounded knowledge in IT security areas such as networks, operating systems, databases, web technologies, and application development.
• Strong understanding of federated identity systems, directory services, role-based access control, MFA, SSO, and standards like SAML, OAUTH, NTLM, LDAP, Kerberos, etc.
• Experience with Security Technologies and Tools: In-depth knowledge of Public Key Infrastructure (PKI), Azure Key Vault, identity-based secrets management, and digital certificate management (issuance, renewal, and revocation).
• Familiarity with Continuous Integration and Delivery (CI/CD) pipelines (AzureDevOps), and ITIL/IT Service Management practices.
• Knowledge of security frameworks such as ASD Essential 8, NIST CSF2, and NIST 800-53.
• Experience in ensuring compliance with industry standards and regulatory requirements.
• Proven experience in incident response coordination, including managing incidents across cloud and on-prem environments.
• Ability to remain calm under pressure, manage multiple priorities, and act decisively in high-pressure situations.
• Experience in vendor management, SLA oversight.
• Industry experience in Logistics, Supermarket/Retail, Wholesale, or Critical Infrastructure is highly regarded.
• OT Security experience is also highly regarded.

Life at Metcash

• Experience a supportive and flexible work environment. We are a FlexReady accredited workplace!
• Enjoy a 5th week of annual leave every year after your first year.
• Benefit from 2 well-being days and 1 volunteer day annually.
• An abundance of learning, development, and career growth opportunities.
• 12 weeks of gender-neutral paid parental leave for primary carers.
• Proudly awarded “Bronze Employer for LGBTQ Inclusion”.
• Recognised as 45th in the global "Equileap Top 100" for initiatives on gender equity.
• A neutral gender pay gap of under 5% as published by WGEA 2022- 2023.
• Gold accreditation by Mental Health Australia.
• Incredible value discounts and perks through our team member app, “Our Local”.

About Us Metcash is Australia’s leading wholesale distribution company, with revenue exceeding $18 billion in FY23. We’re also an ASX top 100 listed company. We believe that it is absolutely vital to Australia that there is a sustainable, independent, family-owned business sector. Independent retailers support their local communities. We help them to be the ‘Best Store in Their Town’ by providing merchandising, operational and marketing support across our food, liquor and hardware pillars. We're dedicated to fostering diversity and inclusion in our workplace and are proud to be an equal opportunity employer. Joining our team means becoming part of something bigger, a company that actively promotes diversity, champions charitable causes, and supports environmental efforts. We welcome applications from individuals of all backgrounds, including First Nations. If you have any specific support or access needs, please don't hesitate to inform us when you apply. Rest assured; your personal information will be handled with the utmost confidentiality in accordance with applicable privacy laws. Join us and be part of something bigger! #J-18808-Ljbffr