Engineer, Customer Identity and Access (ForgeRock SME) en ASX

ASX: Powering Australia's financial markets

Why join the ASX?

When you join ASX, you’re joining a company with a strong purpose – to power a stronger economic future by enabling a fair and dynamic marketplace for all.

In your new role, you’ll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub. 

Want to know why we are a great place to work, click on the link to learn more.

www.asx.com.au/about/careers/a-great-place-to-work

We are more than a securities exchange!

The ASX team brings together talented people from a diverse range of disciplines. 

We run critical market infrastructure, with 1 in 3 people employed within technology.  Yet we have a unique complexity of roles across a range of disciplines such as operations, program delivery, financial products, investor engagement, risk and compliance.

We’re proud of the diversity of our organisation and the culture of inclusion that all our people help to build every day. Our employee-led groups are known for celebrating cultural and religious events, championing LGBTIQ+ inclusion (recently achieving AWEI Bronze), inspiring giving and volunteering, promoting gender equality, and wellbeing.  We are an Employer of Choice for Gender Equality (WGEA) and a member of the Champions of Change Coalition for the advancement of gender equality in Australia. 

What’s On Offer

ASX are seeking a highly skilled IAM Forgerock Developer to take ownership of our customer identity practice within a leading financial services environment. This is hands on leadership role responsible for designing, building, and maintaining enterprise-grade identity and access (IAM) solutions across a complex ecosystem.

The successful candidate will drive the design and implementation of federated identity services, leveraging Forgerock (Ping) IAM suite to deliver secure, seamless, and scalable solutions for millions of customers.

The role requires deep technical expertise and the ability to lead and mentor other engineers, while collaborating with architects, technology teams, and business stakeholders.

What you’ll do:

• Lead the design, development, and implementation of Forgerock based IAM solutions, including authentication, authorisation, directory, and identity API services.  
• Provide ongoing support, troubleshooting, and maintenance of identity platforms, including participation in 24/7 on-call support rotation (shared across a team)
• Deliver federated identity solutions using protocols such as OAuth 2.0, OpenID Connect, and SAML 2.0.
• Implement CI/CD pipelines for IAM solutions, ensuring automation, testing, and secure deployment.
• Provide technical leadership to the IAM engineering team, ensuring best practices in coding, design patterns, and DevSecOps are applied.
• Collaborate with Enterprise Architects, Product Owners, and security stakeholders to align IAM strategy with business and regulatory requirements.
• Develop customisations, integrations, and extensions using Groovy, JavaScript, and Java.
• Ensuring IAM solutions support regulatory compliance, risk management, and operational resilience.

What you’ve done:

• Extensive hands-on experience with the ForgeRock Identity Platform (Access Manager, Identity Manager, Directory Services, Identity Gateway).
• Strong understanding of IAM standards and protocols: OAuth 2.0, OpenID Connect, SAML 2.0, SCIM.
• Experience designing and implementing federated identity solutions across large-scale enterprise or financial services platforms.
• Proficiency in scripting and programming: Groovy, JavaScript, Java (additional languages advantageous).
• Experience with CI/CD pipelines, automation frameworks, and containerisation (Jenkins, GitLab CI, Docker, Kubernetes).
• Strong knowledge of identity lifecycle management, access governance, privileged access, and role-based access control.
• Demonstrated ability to lead and mentor technical teams, while remaining hands-on with development and troubleshooting.
• Experience in financial services or other highly regulated industries is desirable.

And if you’ve got some of this, even better:

• Knowledge or experience with the SailPoint Identity Platform
• Must be able to think out of the box. The ability to troubleshoot non-standard / undocumented issues, to look at the big picture and determine a solution that fits within the existing framework
• Be confident to provide input to assist with continual improvements
• Accountable for execution according to established standards, procedures, and processes
• Accountable for day-to-day Identity & Access system queue and provide 2nd / 3rd level phone support
• Essential to follow current standards in IAM policies and procedures

• Active Directory administration and troubleshooting skills
• Understanding of LDAP and directory query services and tools (PowerShell scripting)
• Cloud platforms and applications technologies (Google, Azure and AWS)
• Experience in facilitating business process design and risk

What you need to enjoy and be good at for this role:

• Keen developer mindset who likes delivering good experiences for customers
• Strong control awareness in an environment where there is no compromise on process controls
• Analytical approach to identify current user profiles, map them to access matrices / models / roles and ensure these are maintained and reviewed appropriately
• Enjoy working in a collaborative environment to implement and maintain best practice security protocols
• Inquisitive nature to question the process to drive innovation
• Be a self-starter and take initiative to communicate, interact and cooperate with others
• Ability to adapt to high pressure situations and priorities
• Willingness to have a laugh with your team members

We make hiring decisions based on your skills, capabilities and experience, and how you’ll help us to live our values. We encourage you to apply even if you don’t meet all the criteria of this role. If you need any adjustments during the application or interview process to help you present your best self, please let us know.

At ASX Group, our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time, we encourage you to apply if you are interested in part-time or other flexible working arrangements.

We will arrange for successful candidates to have background checks, including reference and police checks completed as part of the on-boarding process.