We are looking for a hands‑on Security Controls Validation Engineer with strong experience in vulnerability management, security control assessment, and enterprise security technologies. The role focuses on identifying security gaps across enterprise environments, validating the effectiveness of existing security controls, and working closely with infrastructure, application, and endpoint security teams to drive remediation outcomes. The ideal candidate should have practical exposure to vulnerability management platforms, endpoint security technologies, and security frameworks such as NIST and Essential Eight, with a strong understanding of enterprise security operations and the ability to provide risk‑based recommendations.

• Perform vulnerability assessments across servers, endpoints, and infrastructure environments using enterprise security tools and manual validation techniques.
• Analyse security gaps and assess risk exposure across endpoint, infrastructure, and application environments.
• Validate the effectiveness of existing security controls and identify gaps where vulnerabilities exist despite security tooling being in place.
• Work closely with Infrastructure, Endpoint Security, Cloud, and Application teams to support remediation and closure of identified security findings.
• Re‑test and validate remediation activities to ensure vulnerabilities and control gaps are effectively addressed.
• Provide practical and implementable security recommendations aligned with enterprise operational constraints.
• Support targeted security validation activities to assess the effectiveness of endpoint protection and security policies.
• Assist in troubleshooting issues where security controls or endpoint policies impact business applications.
• Support attack simulation and control validation exercises to assess detection and response capabilities.
• Contribute to security assessments aligned with frameworks such as NIST and Essential Eight.
• Assist in validating compliance gaps identified during internal and external security audits.
• Provide clear and actionable reporting for technical teams, leadership stakeholders, and audit requirements.
• Support vulnerability management lifecycle activities including risk prioritisation, remediation tracking, and closure validation.

• Rapid7 InsightVM or similar vulnerability management platforms.
• Endpoint security technologies and enterprise security tooling.
• Windows and/or Linux server environments.
• Exposure to SIEM platforms such as Splunk is advantageous.

• Strong experience in vulnerability management and security control validation.
• Good understanding of enterprise security controls, endpoint security, and infrastructure security concepts.
• Experience analysing vulnerability data and prioritising remediation activities based on risk.
• Working knowledge of security frameworks such as NIST and Essential Eight.
• Exposure to enterprise endpoint security and vulnerability management platforms.
• Ability to collaborate effectively with cross‑functional technical teams.
• Strong communication, reporting, and stakeholder management skills.
• Self‑driven, practical, and outcome‑focused approach.

• Experience in large enterprise environments.
• Exposure to cloud security concepts and hybrid infrastructure environments.
• Basic scripting or automation knowledge (PowerShell, Python, or Bash).
• Exposure to security operations or incident response activities.