ABOUT THE OPPORTUNITY

The Senior Security Operations Engineer – IDAM is responsible for the management of Metcash IDAM landscape. As part of our maturity journey, we have a focus on identity and access management and building the framework of business processes, policies and technologies that facilitates the management of electronic or digital identities will be critical.
Working closely across the IT function this role will drive collaboration and work with key stakeholders to ensure these technologies provide the ability to securely store identity and profile data as well as data governance functions to ensure that only data that is necessary and relevant is shared.

ABOUT US

Metcash is Australia’s leading wholesale distribution company, with revenue exceeding $18 billion in FY23. We’re also an ASX top 100 listed company.
We believe that it is absolutely vital to Australia that there is a sustainable, independent, family-owned business sector. Independent retailers support their local communities. We help them to be the ‘Best Store in Their Town’ by providing merchandising, operational and marketing support across our food, liquor and hardware pillars.
We’re dedicated to fostering diversity and inclusion in our workplace and are proud to be an equal opportunity employer. Joining our team means becoming part of something bigger, a company that actively promotes diversity, champions charitable causes, and supports environmental efforts. We welcome applications from individuals of all backgrounds, including First Nations. If you have any specific support or access needs, please don’t hesitate to inform us when you apply. Rest assured; your personal information will be handled with the utmost confidentiality in accordance with applicable privacy laws.
Join us and be part of something bigger!

LI-KS1

• IAM - Manage security controls for Azure AD, Active Directory, and Privileged Access Management (PAM) to enforce least privilege access.
• Develop, document, and implement IAM policies, processes, and technologies to meet business and security goals.
• Work with security architects, the Cyber Security team, and business stakeholders to design, implement, and optimize IAM products.
• Oversee user onboarding/offboarding, access provisioning, identity lifecycle management, and the enforcement of modern access management platforms like SSO, MFA, and PAM.
• Manage, configure, and optimize the PAM solution, including conditional access policies and privileged account management.
• Conduct audits, identify vulnerabilities, assess risks, and mitigate threats by understanding user access controls and authentication complexities on modern platforms.
• Lead incident response efforts for security incidents across on-prem and cloud environments, including containment, eradication, and recovery
• Develop and maintain incident response plans and playbooks.
• Ensure compliance with industry standards and regulations (e.g., SOCI, ASD Essential 8, NIST).
• Implement and manage Azure Policy and Compliance practices to enforce governance across business environments.
• Collaborate with DevOps teams to automate security workflows and identity lifecycle events, such as onboarding/offboarding, user access reviews, and reporting.
• Provide leadership to DevOps, IT operations, and project teams to integrate security throughout the development and deployment lifecycle.
• Work with the Head of Security Operations to develop technical capabilities, foster a high-performing technical culture, and drive security outcomes across teams.