Identity and Access Security Engineer (AU)

Work with cutting edge technology, making the world a safer and more secure place. DroneShield (ASX:DRO) offers an opportunity to solve some of world’s most challenging technical problems in the Electronic Warfare, Artificial Intelligence and Machine Learning, RF sensing, Sensor Fusion and distributed systems. Working with high profile customers across militaries, government agencies, airports, critical infrastructure, law enforcement and many others.

With one of the largest listed defence company market capitalisations in Australia and having raised approximately $250m in 2024 alone, DroneShield is undergoing hypergrowth stage, fuelled by rapidly increasing use of drones for nefarious applications, from battlefield, to terrorism, to contraband delivery and commercial espionage.

This role is in the DroneShield Sydney headquarters in Pyrmont, Sydney. There are approximately 260 staff based in the 4,000sqm facility today, scheduled to grow to approximately 300 staff by end of 2026. Overseas on the ground presence includes Virginia (USA), Denmark, Germany and Dubai, as well as distributors in over 70 countries globally.

About the role

DroneShield is seeking an Identity and Access Security Engineer with relevant experience to join the Security team in Sydney, NSW.

The Security team is a nimble team responsible for protecting DroneShield's assets and users. Our adversaries are sophisticated and use state-of-the-art tooling. To protect DroneShield, we need to focus on the biggest risks, eliminate threats, focus on automation to scale our efforts and continually increase the cost to the attackers.

Key responsibilities for this role include working with our IT and Platform teams to ensure strong authentication mechanisms and Privileged Identity Management for users, services and devices. Additionally, working with the Product teams to enhance authentication into our products, including our air-gapped hardware products.

Be a core contributor of the ZeroTrust strategy and an advocate for change.

The ideal candidate will have strong communication skills, being a hands-on engineer and will have a systemic view of the problem space focusing on solving the biggest problems and designing solutions that can scale.

They also should have a strong background in computer science, demonstrated experience in developing and maintaining backend systems in high-stakes environments, and technical expertise in authentication and authorisation protocols (OAuth, SAML, etc). They should also have knowledge of ZeroTrust and/or Beyond Corp.

This position offers the opportunity to contribute to the security of hardware Products with complex threat models.

Responsibilities, Duties and Expectations 

• Lead key strategies in the Identity and Access space 
• Implementing phishing resistant MFA and rollout across systems 
• Design and implement Just In Time access to critical systems 
• Design and create strong identities for users, devices and products. 
• Influence strong authentication for BYOD 
• Manage multiple concurrent projects and solve cross-product problems 

Qualifications, Experience and Skills 

• BS degree in Computer Science, Information Technology or similar technical field of study or equivalent practical experience.  
• Demonstrated experience working in software engineering roles 
• On-the-tools engineering experience – must be hands-on 
• Minimum 5 years’ experience in related roles. Roles could include: 
• • Security Engineer 
  • Identity and Access Engineer 
  • Software Engineer 
• Knowledge of the following would also be essential: 
• • Can design and implement systems using Go or Python 
  • Modern app security and application architectures  
  • Strong expertise in software engineering best practices 
  • Infrastructure as Code and experience with cloud-based environments 
  • Comfortable on the command line in a Linux first environment 
  • Threat Modelling – focus on the threat, controls and mitigations. 
  • Knowledge of authentication, authorisation and cryptographic protocols  
• Knowledge of the following would also be desirable: 
• • Strong problem-solving and analytical skills. 
  • Ability to think creatively to identify potential security vulnerabilities. 
  • Systems thinking: focus on design solutions that improve the system 
  • Excellent communication skills to explain complex technical concepts. 

Note for recruitment agencies: We do not accept unsolicited candidates from external recruiters unless specifically instructed.