Identity and Access Management (IAM) Manager

Bring your authentic and passionate self to this exceptional role #careerswithimpact  

Are you a strategic and dynamic Identity and Access Management (IAM) leader ready to make an incredible impact? Join our growing business in this pivotal role, reporting to the General Manager – Information Security and partnering with teams across our businesses.
 
As our new IAM Manager, you’ll establish and lead the IAM function, drive the design, build, and implementation of a IAM strategy that aligns with HESTA’s broader Information Security Strategy and business objectives. This is your opportunity to make a significant impact, shaping how HESTA protects and empowers our people, platforms, and members.

What you’ll do:

• Lead and inspire IAM across the organisation, cultivating a culture of collaboration, accountability, and continuous improvement.
• Develop and execute an enterprise-wide IAM strategy, aligned with HESTA’s security framework and business priorities.
• Establish and maintain policies, procedures, and standards that meet legislative, regulatory, and compliance requirements (including APRA CPS 234, ISO 27001).
• Collaborate with business and technology stakeholders to ensure IAM practices support secure and efficient access across all platforms.
• Provide expert guidance on the selection, implementation, and ongoing maintenance of IAM tools and technologies.
• Partner with Information Security leadership to identify and mitigate identity-related risks, ensuring ongoing compliance with evolving industry standards.

What you’ll bring:

• Proven leadership experience in Identity and Access Management, including managing teams and large-scale projects.
• Experience in a similar management role, ideally within financial services or superannuation.
• Strong understanding of IAM principles, practices, and technologies. 
• Deep understanding of identity governance, authentication protocols, access control models, and IAM technologies
• Strong knowledge of relevant frameworks and regulatory requirements (e.g. APRA CPS 234, ISO 27001, NIST)
• Experience and knowledge of security standards and frameworks such as NIST Cybersecurity Framework, ISO27001/2, CIS Benchmarks. 
• Knowledge of and experience building security controls and compliance requirements using various frameworks and regulations such as ISO270001, APRA CPS 234, PCI-DSS, OWASP, Privacy Act, Critical Infrastructure Act. 
• Ability to translate complex security concepts into actionable strategies aligned to business needs
• A collaborative approach and the communication skills to influence and engage stakeholders at all levels
• Relevant tertiary qualifications in technology, cybersecurity or related discipline coupled with certifications (CISSP, CISM, or CRISC) is desirable.

Benefits that matter and make a difference for our employees  

• Leave for those moments that matter, an additional 6 days of leave at the end of year, up to 6 days paid volunteer leave, gender neutral paid parental leave of 20 weeks, Gender Affirmation leave, reproductive health and wellbeing leave, Cultural and Ceremonial leave. Access your LSL after 3 years, take AL at half pay, and purchase up to 2 weeks additional leave (just to name a few!).  
• Your professional development matters, up to $5k per year professional development and up to 8 days professional development leave, HESTA scholarships and free access to a range of premium learning tools.  
• Your health and wellbeing matters, free annual flu shots and skin checks, incredible social events throughout the year and a comprehensive employee assistance program available 24/7.  
• Your financial wellbeing matters, up to 15% super, financial planning support, end of year payment for all Enterprise Agreement-covered employees, incentivised Employee Referral Program and novated lease options.  

We celebrate, value and include people of all backgrounds, genders, identities, cultures and abilities. We welcome and support applications from First Nations people, physically, neuro or culturally diverse, LGBTQI+, and people of any age. We are proud to be WGEA accredited as an Employer of Choice for Gender Equity.   

We want all candidates to feel safe, included and provided with the best opportunity to thrive, if you require reasonable adjustments during your application or throughout the recruitment process, please reach out to a member of the Talent team careers@hesta.com.au and we’ll call you to discuss.   

Ready to make your next move meaningful? Apply now and be part of something bigger at HESTA.

Please note: Applications via recruitment agencies will not be accepted for this position.