Security Controls Engineer

The Junior Security Controls Engineer supports the design, implementation, and maintenance of security controls that protect enterprise systems and data. This entry-level role focuses on configuration hardening, baseline enforcement, vulnerability mitigation support, and control monitoring across endpoints, servers, and cloud services. The role provides hands-on experience in control engineering while working under the guidance of senior engineers., * Assist in implementing and maintaining security controls across endpoints, servers, and cloud environments (Azure/AWS).

• Support system hardening efforts using established benchmarks (e.g., CIS) and secure configuration baselines.
• Help remediate vulnerabilities through configuration changes and assist in applying compensating controls.
• Monitor configuration compliance and support drift detection and remediation activities.
• Execute control validation testing and document results for audit and compliance purposes.
• Develop basic automation scripts (PowerShell/Python) to support control enforcement and reporting.
• Partner with Vulnerability Management teams to track remediation progress and reduce risk exposure.
• Assist with documentation including standards, procedures, and runbooks for control operations.
• Support audit requests by gathering evidence and preparing reports under supervision.

Typical Deliverables

• Configuration baseline check reports and remediation tracking logs.
• Vulnerability mitigation support artifacts and tracking metrics.
• Control testing documentation and evidence packages.
• Basic automation scripts for control monitoring or reporting.
• Audit support documentation and evidence collection outputs.

• 1-3 years of experience in IT, systems administration, or cybersecurity roles.
• Basic understanding of operating systems (Windows/Linux) and security configurations.
• Familiarity with core cybersecurity concepts (authentication, access control, encryption, logging).
• Exposure to vulnerability scanning tools or endpoint security solutions is a plus.
• Basic scripting knowledge (PowerShell, Python, or similar) preferred.
• Strong attention to detail and ability to follow established procedures.
• Ability to learn quickly and adapt in a fast-paced technical environment., * Experience in cybersecurity or systems administration.
• Familiarity with cloud platforms (Azure or AWS).
• Exposure to tools such as Microsoft Defender, Tenable, or similar platforms.
• Entry-level certifications such as Security+, AZ-900, or AWS Cloud Practitioner.

Core Competencies

• Strong problem-solving and analytical thinking.
• Detail-oriented with a focus on accuracy and consistency.
• Willingness to learn and take direction from senior engineers.
• Team collaboration and communication skills.
• Interest in cybersecurity and continuous improvement.

Success Measures (KPIs)

• Completion rate of assigned control tasks and remediation activities.
• Accuracy and quality of audit evidence preparation.
• Contribution to reduction of low/medium vulnerabilities.
• Timeliness of support in control validation and monitoring tasks.
• Growth in technical skills and certifications over time.