Security Controls Validation Engineer

Role Overview

We are looking for a hands -on Security Controls Validation Engineer with
strong experience in vulnerability management, security control assessment, and
enterprise security technologies.

This role focuses on identifying security gaps across enterprise environments,
validating the effectiveness of existing security controls, and working closely
with infrastructure, application, and endpoint security teams to drive
remediation outcomes.

The ideal candidate should have practical exposure to vulnerability management
platforms, endpoint security technologies, and security frameworks such as NIST
and Essential Eight. The role requires a strong understanding of enterprise
security operations and the ability to provide practical, risk -based
recommendations.

Key Responsibilities

• Perform vulnerability assessments across servers, endpoints, and
  infrastructure environments using enterprise security tools and manual
  validation techniques
  
• Analyse security gaps and assess risk exposure across endpoint,
  infrastructure, and application environments
  
• Validate effectiveness of existing security controls and identify
  gaps where vulnerabilities exist despite security tooling being in place
  
• Work closely with Infrastructure, Endpoint Security, Cloud, and
  Application teams to support remediation and closure of identified
  security findings
  
• Re -test and validate remediation activities to ensure
  vulnerabilities and control gaps are effectively addressed
  
• Provide practical and implementable security recommendations
  aligned with enterprise operational constraints
  
• Support targeted security validation activities to assess
  effectiveness of endpoint protection and security policies
  
• Assist in troubleshooting issues where security controls or
  endpoint policies impact business applications
  
• Support attack simulation and control validation exercises to
  assess detection and response capabilities
  
• Contribute to security assessments aligned with frameworks such as
  NIST and Essential Eight
  
• Assist in validating compliance gaps identified during internal and
  external security audits
  
• Provide clear and actionable reporting for technical teams,
  leadership stakeholders, and audit requirements
  
• Support vulnerability management lifecycle activities including
  risk prioritisation, remediation tracking, and closure validation
  

Technical Exposure

• Microsoft Defender for Endpoint (MDE)
  
• Rapid7 InsightVM or similar vulnerability management platforms
  
• Trellix ePO / Application Control (AWL)
  
• Endpoint security technologies and enterprise security tooling
  
• Windows and/or Linux server environments
  
• Exposure to SIEM platforms such as Splunk is advantageous
  

What We're Looking For

• Strong experience in vulnerability management and security control
  validation
  
• Good understanding of enterprise security controls, endpoint
  security, and infrastructure security concepts
  
• Experience analysing vulnerability data and prioritising
  remediation activities based on risk
  
• Working knowledge of security frameworks such as NIST and Essential
  Eight
  
• Exposure to enterprise endpoint security and vulnerability
  management platforms
  
• Ability to collaborate effectively with cross -functional technical
  teams
  
• Strong communication, reporting, and stakeholder management skills
  
• Self -driven, practical, and outcome -focused approach
  

Nice to Have

• Experience in large enterprise environments
  
• Exposure to cloud security concepts and hybrid infrastructure
  environments
  
• Basic scripting or automation knowledge (PowerShell, Python, or
  Bash)
  
• Exposure to security operations or incident response activities