Security and Platform Control Owner

Security and Platform Control Owner Your new company
You will join a global professional services organisation delivering technology and security services into highly regulated Australian environments. The organisation partners with large, mission-critical clients where availability, security, and audit defensibility are non-negotiable. The environment operates under stringent regulatory, privacy, and compliance frameworks, with production platforms containing sensitive personal information (PII). Security controls are treated as first-class operational assets, not afterthoughts.
Your new role

• This is a senior Security & Platform Control Owner role, accountable for the end-to-end design, operation, and integrity of security controls protecting production systems containing PII. You will act as the named owner of a critical security boundary, spanning: Endpoint and device security, identity and access management, Secure network access, Cloud platform security
  This role is not a generalist infrastructure or shared BAU position.
  You own how security decisions are made, enforced, monitored, and evidenced - and you are the single escalation point for security-critical platform issues.
• Key responsibilities include:
• Owning device compliance and application control for a managed Windows environment
• Designing and enforcing Conditional Access policies that gate access to sensitive systems
• Ensuring identity, device, and network posture signals are reliable and aligned
• Owning secure access policy design across the internet and private application access
• Maintaining hardened cloud platform configurations aligned to regulatory standards
• Closing penetration test findings in a systematic, repeatable manner
• Providing clear, auditable evidence of control effectiveness
• Preventing control drift across endpoint, identity, network, and cloud layers

What you'll need to succeed
This role requires depth, judgement, and control ownership experience across all the following domains:Endpoint & Device Security (Microsoft Intune)

End-to-end ownership of Windows device lifecycle and compliance
Device posture enforcement used in Conditional Access decisions
Autopilot enrolment design and remediation
Application packaging, deployment, and troubleshooting
Patch management, update rings, and application control

Identity & Access Management (Microsoft Entra ID)

Conditional Access design for PII-bearing environments
MFA, authentication strength, and session control enforcement
Privileged access models and access reviews
Identity lifecycle and audit evidence production
Integration with endpoint, network, and cloud controls

Network & Secure Access

Secure internet and private application access policy design
Least-privilege enforcement based on identity and device posture
Investigation of access anomalies and security incidents
Change control and audit-ready documentation

Cloud Platform Security (Azure)

Subscription governance, segmentation, and RBAC
Secure production workload deployment
Remediation of platform-level security findings
Logging, monitoring, and alerting ownership

Additional requirements

Experience in regulated or security-sensitive environments
Strong understanding of audit, compliance, and penetration testing expectations
Ability to act as the final decision-maker during security-critical incidents
NV1 clearance or eligibility to obtain clearance (MUST be an AU citizen)
What you'll get in return
12 M contract with a potential to turn permanent, Competitive Daily Rates, Can work from anywhere in Australia
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.
#2991039