MLC Life Insurance. We have been protecting Australians for over 130 years. We respect the role we play in providing peace of mind for our customers, and we never lose sight of it.

Our Purpose

MLC Life Insurance is one of Australia’s leading life insurance specialists and a member of the Nippon Life Insurance Group, one of the world’s leading insurers. We are guided by our simple purpose: ‘A Promise for Life’. We provide almost 1.2 million Australians with reassurance that they and their loved ones will be supported when they need it most. It’s a promise that provides peace of mind and helps them sleep at night.

Our purpose is supported by Our Values of Do What’s Right, Deliver Together, Make it Simple, Own it and Aim High. It’s how we work together and behave every day in every interaction with our customers, partners and each other that defines who we are.

Our Strategy

Our strategy puts our customers at the centre of our ambition to be Australia’s leading and most trusted life insurer. It is through the commitment, energy and talent of everyone at MLC Life Insurance, working together, that we make a positive contribution to the lives of our customers. To support all of us to be at their best every day, we offer a flexible work environment centred on development, wellbeing, recognition and contribution.

With more than 1500 people nationally, we believe our success is built on the unique contribution of our people. Diversity and Inclusion is core to what we believe in and who we are. We aspire for everyone at MLC Life Insurance to feel valued and respected for who they are.

The Role

Reporting to the Security Operations Manager, the Identity and Access Management Specialist is a critical role in ensuring that highly effective, available and secured end to end Identity and Access Management Practises is delivered and maintained to support the cyber security operations team and the wider MLCL business.

You will be responsible for all activities relating to our central identity management systems (Okta) and user access review system (Saviynt) including and, not limited to, designing and engineering new features to respond to the business’ needs where necessary.

You will also be involved in wider project-based work to uplift the overall IDAM function to ensure that we meet our regulatory and risk obligations.

Other responsibilities include:

• Assessing existing infrastructure and developing identity systems management strategies, standards, and lifecycle plans
• Designing, planning and implementing new services or upgrades to existing services
• Maintaining a standard, stable and robust IdP platform and environment
• Undertaking problem diagnoses, correction and escalated support of IdP and UAR and associated integrated technologies across the organisation
• Participating in server/cloud service upgrades (hardware and software) and other general maintenance tasks
• Setting up and maintaining an effective testing environment and test changes to production servers in a controlled environment
• Performing and managing regular user access reviews
• Liaising with developers to integrate and onboard new systems to the IdP platform.
• Ensuring the IdP and UAR platforms have sufficient contingency plans in alignment with business criticality.
• Develop policies procedures and other documentation required to support the IdP and UAR operating environment.

About You

Coming from a varied background in cyber security with 3 to 5 years’ experience, you will possess a minimum of 2 to 3 years’ experience in an identity and access management focused role.

Your substantial knowledge and experience in identity and access management principles, practices, relevant standards and legislation coupled with a sound understanding of operating system platforms and security models will enable you to act as a SME in this space, in ensuring that we have a robust IDAM practice in place.

You are familiar in working within the financial services space with a high degree of scrutiny and need to comply to regulations. On top of that, you possess the ability to build and maintain strong relationships with internal and external stakeholders such as auditors, regulators and other cyber security experts which will enable you to respond quickly and effectively to any regulatory changes in relation to any cyber security obligations.

Other technical requirements include:

• Substantial knowledge and experience of Information Security best practices, policies, standards, and baselines, including industry standards and guidelines from ISO 27001/27002, NIST CSF and CIS
• Advanced computer literacy including proficiency in scripting languages such as SQL, Python, PHP, etc
• Product specific knowledge and certifications – Okta , Microsoft Active Directory, Azure Active Directory, Saviynt

Why Choose Us?

At MLC Life Insurance, you will have the opportunity to:

• work with a WGEA cited Employer of Choice for Gender Equality
• enjoy flexible work options and an inclusive environment where everyone is respected and valued for who they are and their unique contribution
• embrace a culture of customer centricity and an ambition to be Australia’s leading, most trusted Life Insurer
• access CircleIn Parental Support - an online support resource for our working parents
• access a range of benefits including competitive salary, lifestyle leave, two days volunteer leave every year, recognition of service milestones; and
• wellness and lifestyle offerings including access to Uprise – our Digital Wellbeing Program, as well as discounts on a variety of lifestyle and entertainment products and services.

Should an applicant be the preferred candidate, background checks (including Federal Police Checks, Employment checks, ASIC banned and disqualified persons and Bankruptcy checks) will be completed prior to the candidate's employment being confirmed. The outcomes of the background checks do not automatically bar candidates, however they will be assessed against the inherent requirements of the position.