Our ‘black belt’ specialists are leaders in their domains: digital champions, delivery-focused experts, top-tier security professionals, AI thought leaders, and engineering best practice advocates.
With a global presence and local expertise, we deliver innovative solutions without compromising on quality. Our multidisciplinary teams provide tailored expertise to solve complex problems at scale, ensuring engineering excellence through our top technologists.
Empower Your Career with Us
Are you ready to join a dynamic team that empowers businesses through robust engineering capabilities? We seek talented individuals who thrive in a fast-paced environment with a strong sense of urgency and a focus on execution.
Overview of the Role
We are looking for two highly capable Security Configuration Management – Control Engineers to join our team.
We are on a mission to uplift our Risk and Security Posture Management and improve the security posture of our most critical assets.
In this hands-on role, you will be responsible for the design, operation, and ongoing effectiveness of the Security Configuration Management (SecCM) control across the organisation.
You will ensure technology assets are securely configured by default, continuously checked, and kept compliant with approved security baselines and regulatory requirements.
A major focus of this role involves remediating control gaps, updating vendor hardening guidelines, and operating enterprise tooling to drive practical engineering outcomes.
Key Responsibilities
Stakeholder Leadership: Partner with Product Owners to understand constraints and influence domain roadmaps to deliver baseline application, scanning, remediation, and governance outcomes.
Implementation Strategy: Develop a consolidated platform implementation view per domain, capturing baselines, enforcement, scanning, remediation, exceptions, and metrics.
Governance & Process: Establish a working exception/exclusion process with clear approvers and review cycles, alongside a standing governance cadence with Security design owners.
Metrics & Reporting: Deliver initial metrics reporting for operational effectiveness, including baseline coverage, scan health, deviation volumes, and remediation SLA performance.
Translation of Controls: Synthesise complex, conflicting stakeholder inputs into concise options, trade-offs, and recommendations, translating control requirements into platform-specific implementation steps.
Security Tooling: Proven experience operating enterprise security tooling, specifically Qualys, Wiz, and ServiceNow SecOps / Configuration Compliance.
Skills & Experience
Enterprise Collaboration: Exceptional stakeholder management skills with a proven ability to influence and deliver outcomes across multiple Product Owners without direct authority.
Security & Platform Background: Technical background in cyber security or infrastructure engineering with hands-on experience in secure configuration, system hardening, and configuration compliance.
Tooling Exposure: Experience with enterprise security tools (Qualys, Wiz, ServiceNow SecOps) and understanding of cloud/network technologies in large-scale environments.
Risk Governance: Ability to control a risk governance framework and operate effectively within enterprise constraints, supporting internal audits and assurance.
Facilitation: Effective facilitator with strong skills in running workshops, structured requirements capture, and decision-driven forums.
