🏢 Offshore Consulting Shops

XPT Software is an IT consulting and staff augmentation firm that provides personnel to work on projects for its clients, rather than hiring for its own internal business operations.

This company was flagged and excluded from default search results. Proceed with caution.

Save Job
Posted 1w ago

Security Controls Validation Engineer

@ XPT Software
Melbourne, Victoria, Australia
OnsiteContract
Responsibilities:performing assessments, validating controls, supporting remediation
Requirements Summary:Hands-on experience in vulnerability management, endpoint security, Rapid7/RunZero, Microsoft Defender for Endpoint, Trellix ePO, security control validation, and familiarity with NIST/Essential Eight frameworks.
Technical Tools Mentioned:Microsoft Defender for Endpoint, Rapid7 InsightVM, Trellix ePO, RunZero, Splunk, Windows, Linux, PowerShell, Python, Bash
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Job
description:
Security Controls Validation Engineer: Microsoft
Defender for Endpoint, Rapid7, and Trellix Application Control.

 

Experience: 5–10 Years

Below are the
mandatory key skills required for this role: Endpoint
Security, Defender, Rapid 7, Run Zero


Role Overview

We are looking
for a hands-on Security Controls Validation Engineer with strong experience in
vulnerability management, security control assessment, and enterprise security
technologies.

This role focuses on identifying security gaps across enterprise environments,
validating the effectiveness of existing security controls, and working closely
with infrastructure, application, and endpoint security teams to drive
remediation outcomes.

The ideal candidate should have practical exposure to vulnerability management
platforms, endpoint security technologies, and security frameworks such as NIST
and Essential Eight. The role requires a strong understanding of enterprise
security operations and the ability to provide practical, risk-based
recommendations.

Key
Responsibilities

·       Perform
vulnerability assessments across servers, endpoints, and infrastructure
environments using enterprise security tools and manual validation techniques

·       Analyse security gaps and assess risk exposure
across endpoint, infrastructure, and application environments

·       Validate effectiveness of existing security
controls and identify gaps where vulnerabilities exist despite security tooling
being in place

·       Work closely with Infrastructure, Endpoint
Security, Cloud, and Application teams to support remediation and closure of
identified security findings

·       Re-test and validate remediation activities to
ensure vulnerabilities and control gaps are effectively addressed

·       Provide practical and implementable security
recommendations aligned with enterprise operational constraints

·       Support targeted security validation
activities to assess effectiveness of endpoint protection and security policies

·       Assist in troubleshooting issues where
security controls or endpoint policies impact business applications

·       Support attack simulation and control
validation exercises to assess detection and response capabilities

·       Contribute to security assessments aligned
with frameworks such as NIST and Essential Eight

·       Assist in validating compliance gaps
identified during internal and external security audits

·       Provide clear and actionable reporting for
technical teams, leadership stakeholders, and audit requirements

·       Support vulnerability management lifecycle
activities including risk prioritisation, remediation tracking, and closure
validation

Technical
Exposure

·       Microsoft
Defender for Endpoint (MDE)

·       Rapid7 InsightVM or similar vulnerability
management platforms

·       Trellix ePO / Application Control (AWL)

·       Endpoint security technologies and enterprise
security tooling

·       Windows and/or Linux server environments

·       Exposure to SIEM platforms such as Splunk is
advantageous

What We're
Looking For

·       Strong
experience in vulnerability management and security control validation

·       Good understanding of enterprise security
controls, endpoint security, and infrastructure security concepts

·       Experience analysing vulnerability data and
prioritising remediation activities based on risk

·       Working knowledge of security frameworks such
as NIST and Essential Eight

·       Exposure to enterprise endpoint security and
vulnerability management platforms

·       Ability to collaborate effectively with
cross-functional technical teams

·       Strong communication, reporting, and
stakeholder management skills

·       Self-driven, practical, and outcome-focused
approach

Nice to Have

·       Experience
in large enterprise environments

·       Exposure to cloud security concepts and hybrid
infrastructure environments

·       Basic scripting or automation knowledge
(PowerShell, Python, or Bash)

·       Exposure to security operations or incident
response activities