Product Owner - User Security at New South Wales Government

Sydney, New South Wales, Australia -

Full Time

Start Date

Immediate

Expiry Date

30 Jul, 26

Salary

0.0

Posted On

01 May, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Identity Governance, Access Management, User Authentication, Single Sign-On, SAML, Certificate Authority, RACF, Role-Based Access Control, Adabas, Natural, Multi-Factor Authentication, API Gateway, OAuth, Privileged Access Management, Auditing, Compliance

Industry

Law Enforcement

Description

Computer Systems Officer Level 5 Ongoing Full-Time Parramatta About us The NSW Police Force (NSWPF) is one of the largest police forces in the western world, with more than 20,000 employees, including more than 4,000 administrative employees who support the sworn officers that provide a range of law and order services 24 hours a day, seven days a week to the socially, geographically and culturally diverse community of NSW. About the role We have an opportunity for a Product Owner - User Security to be part of our Network & Security Platform Services, Technology & Communication Services Command. The Product Owner - User Security is responsible for leading a team of Security Administrators in providing user authentication and access control administration and auditing across the diverse platforms which make up the NSW Police Information systems. Roles and responsibilities of the Product Owner: Identity Governance and Access Management Own and manage automated identity governance and control processes, leveraging SAP feeds and organisational hierarchy to ensure accurate provisioning and deprovisioning of user access. Define and enforce access provisioning policies in coordination with internal business units. Deliver and support Single Sign-On (SSO) solutions for internal web applications and LDAP-based environments. Manage and support external identity federations using SSO and SAML-based authentication protocols. Certificate and Cryptographic Services Manage the internal Certificate Authority (CA), including lifecycle management, approval, issuance, renewal, and revocation of digital certificates. Oversee external certificate management services, including the transition from Entrust to DigiCert, ensuring continuity, compliance, and operational integrity. Ensure certificate services meet organisational security, compliance, and audit requirements. Mainframe and Enterprise Systems Access Control Manage RACF services, providing role-based access control (RBAC) for developers, police officers, and external agencies. Oversee profile creation, association, review, and deprovisioning, including the removal of redundant and revoked access. Manage library associations and secure access for system programmers, operators, and developers. Administer Adabas/Natural access controls, including authorised personnel access, started tasks, automation profiles, Natural group access, and multi-level dataset permissions. Ensure ongoing system maintenance, auditing, and compliance across mainframe environments. Authentication, API, and Privileged Access Platforms Deliver and manage Multi-Factor Authentication (MFA) services using OneSpan, supporting NSWPF staff, external agencies, IT vendors, and RADIUS-enabled applications with hardware and software tokens. Manage Layer 7 API Gateway services, including OAuth authentication, Mobile API Gateway (MAG), One-Time Tokens (OTK), and application level authorisation. Oversee Privileged Access Management (PAM) solutions to ensure secure access to privileged accounts, systems, and servers in accordance with least-privilege principles. Audit, Compliance, and Reporting Provide logon and logoff audit reporting to Professional Standards Command (PSC) and external agencies, including COP audits. \Deliver monthly and quarterly audit reports covering: User access and termination reviews Privileged access (including Desktop Administrators and Local PC Administrators) RACF access reviews and mainframe access revocations Ensure IAM services meet NSWPF audit, governance, and compliance obligations View the relevant role description for more information on this role (e.g. essential requirements, key accountabilities, key challenges and capabilities required for the role) What we can offer you At NSWPF our people have access to a range of benefits that help balance life at work and at home. Some of the benefits available when you join the NSWPF include: competitive salary; flexible work options; opportunity to purchase leave; annual leave loading; corporate wellbeing programs including seminars and the Fitness Passport; free annual influenza vaccination; salary packaging options via superannuation contributions or a novated vehicle lease; convenient location for public transport and to shops etc; and in-house gym facilities. How to Apply Applications can only be submitted electronically via the I Work for NSW website. To be considered for this role, attach a cover letter (2 pages maximum) and an up-to-date resume that clearly details your skills & experience as relevant to this role. Please do not attach copies of qualifications, certificates or documentation (other than what has been requested) - you can bring these if called for interview. Please address each of the following Target Questions (500 words per question) in the text boxes provided in the online application or attach as a separate document. Target Question 1: Provide an example of your experience in working with User Security. What technologies have you used to solve User Security problems and what was your exposure to them? Target Question 2: Describe a scenario where you had to provide a solution for controlling and supervising privilege escalation on the organisation resources to prevent unauthorised access. What was the issue and what techniques have you used to implement/ control this? Your application must stand on its own merits, and the completeness and relevance of your application will determine if you proceed through to the selection process. If you require any further information about this opportunity, please contact the hiring manager Arafat Rahman via (02) 8835 7241. To be eligible to apply for this role, you must meet one of the following statuses: an Australian Citizen; a permanent resident of Australia; or a New Zealand citizen. Prior to commencement, the successful candidate will be required to undergo a rigorous National Police (criminal history) Check and obtain and maintain a Security Clearance as determined by the NSW Police Force. Our commitment to Diversity: At the NSW Police Force, we are proud to be an employer of a diverse range of people. We are committed to reflecting the diverse community we serve and creating an inclusive and respectful workplace for all employees where differences are embraced, contributions are valued, and everyone has a sense of connection and belonging. We welcome applications from individuals with diverse skills, experiences, and backgrounds including Aboriginal and Torres Strait Islander peoples, LGBTQIA+ individuals, people with disability, neurodiverse individuals, those from culturally and linguistically diverse communities, and people of all ages. We understand that the recruitment journey may present unique challenges. If you: Identify as Aboriginal or Torres Strait Islander and would like support with your application, please contact the NSWPF Aboriginal Employment & Engagement team at PCC-AEET@police.nsw.gov.au Identify as a person with disability and require further information on the role or adjustments to participate in the recruitment process, please contact the Inclusion & Diversity team at PCC-INCLUSION@police.nsw.gov.au Are transgender or gender diverse and want to learn more about our support options, please contact the Inclusion & Diversity team at PCC-INCLUSION@police.nsw.gov.au This recruitment may be used to create a Talent Pool for similar future roles (ongoing or temporary) that may arise over the next 18 months. For more information on applying for roles with the NSW Police Force click here Thank you for your interest in this role. We look forward to receiving your application.

Responsibilities

The Product Owner leads a team of Security Administrators to manage identity governance, access control, and authentication across diverse NSW Police information systems. Responsibilities include overseeing certificate services, mainframe access, API security, and ensuring compliance through rigorous auditing and reporting.