Negotiable
Undetermined
Remote
England, United Kingdom
Summary: The Security Controls Test Specialist is tasked with evaluating the design and effectiveness of security controls within the organization, focusing on NIST and related frameworks. This role involves validating implementations, identifying control gaps, and supporting remediation efforts to maintain compliance with internal and external regulations. The position is critical for ensuring a robust security posture across the organization. The role is offered as a 6-month remote contract.
Key Responsibilities:
- Apply deep knowledge of NIST security controls to define and assess appropriate control implementations.
- Map controls to the specific systems, environments, and regulatory requirements applicable to the organization.
- Draft control implementation statements tailored to the technology and business environment.
- Support stakeholders in interpreting and applying control requirements effectively.
- Conduct hands-on control assessments to verify design and operating effectiveness.
- Perform validation activities using manual and automated testing techniques.
- Evaluate control effectiveness and assign appropriate ratings.
- Develop and maintain Control Testing Playbooks and procedures that align with security standards, regulations, and organizational policies.
- Ensure consistency in testing approaches across all security domains.
- Produce detailed technical assessment reports, highlighting compliance status, control gaps, and areas of non-compliance.
- Recommend remediation actions and risk treatments in collaboration with asset and control owners.
- Communicate identified control gaps and testing outcomes clearly to asset owners, control owners, and senior stakeholders.
- Provide expert guidance on control improvements and security hardening strategies.
- Schedule and conduct periodic re-testing to validate the effectiveness of remediation actions.
- Support broader security assurance programs with control testing evidence.
Key Skills:
- 3+ years in a security assurance, audit, or control testing role.
- Strong experience working with NIST 800-53, NIST CSF, or similar security control frameworks.
- Proven ability to assess technical and administrative controls across a range of technologies.
- Familiarity with policy, standards, and regulatory alignment (e.g., ISO 27001, SOX, GDPR, PCI-DSS).
- Excellent analytical and report-writing skills.
- Strong verbal communication skills for engaging technical and business stakeholders.
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Security Controls Test Specialist - 6-month contract - Remote
The Security Controls Test Specialist is responsible for assessing the design and effectiveness of security controls across the organization. The role requires deep understanding of NIST and related security frameworks, and focuses on validating implementation, identifying control gaps, and supporting remediation efforts. This role plays a key part in maintaining a strong security posture and supporting compliance with internal policies and external regulations.