About Cority
Cority helps customers see and prevent risks across their operations in real time. Our EHS+ platform converges people, data, and AI agents to provide a clear view of information people can trust, automate workflows that make people more impactful, and deliver personalized insights and expertise to improve decision-making. While most solutions respond to risks one at a time, Cority helps prevent them across environmental management, employee health, safety, quality, and sustainability. For 40 years, Cority has been the market leader in EHS+, recognized by top analysts and trusted by more than 1,500 of the most complex organizations worldwide. Cority has received many awards for its strong employee culture and outstanding business performance. To learn more, visit www.cority.com.
### Primary Responsibilities:
Monitor, assess, and maintain security controls within cloud environments
Responsible for oversight of the vulnerability management program, including penetration testing, participating in reviews of vulnerability and security log reports, creation of mitigation actions and remediation plans, and tracking/monitoring to completion
Manage the overall Security Awareness program for Cority, including annual training, quarterly phishing campaigns
Participate in vendor management process, and customer audit process
Liaise with CloudOps team to manage cloud security using security best practices and frameworks
Participate in the design and implementation of security for all cloud environments
Monitor, assess, and maintain security controls within cloud environments to safeguard data systems
Leverage security tools within the cloud to proactively identify security threats, analyse root causes of security violations, and recommend corrective actions
Integrate cloud security technologies with existing toolsets such as SIEM, EDR, and IAM solutions
Serve as a cloud-security subject matter expert to support CloudOps, Enterprise IT, and risk analysis programs by performing, analysing, and documenting
Ensure that all cloud tool sets and their integrations are properly maintained to meet stated policies, audit requirements and industry best practices
Identify and maintain KPIs and other metrics that show the effectiveness of the program
Provide Security Incident Response support and participate in the development of business cases and presentations on cloud security technologies
Apply knowledge of the above skill areas to assist with the GRC program
### Qualifications and Characteristics of an Ideal Candidate:
Minimum 5+ years of Information Security experience
3+ years of implementing cloud security for cloud infrastructures such as Azure and AWS.
3+ years of experience managing security within the Amazon Web Services (AWS) environment
Current knowledge and thorough understanding of Information Security issues, threats and trends
Demonstrated knowledge in the areas of risk assessment, strong understandings of secure communications, secure data storage, secure systems development, secure systems deployment and documentation
Demonstrated understanding of the real-world application of security and risk frameworks including ISO/IEC 27001, SOC 2 Type 2, NIST and FedRAMP (ISO42001 is an asset)
Assets:
• CISSP, CCSP, CISA, or other relevant industry related certifications
• Experience with ELK, AI, FedRAMP, GitLab
WHAT’S IN IT FOR YOU?
· An opportunity to work in a values-driven, performance oriented, dynamic and growth focused culture
· We support a remote working environment with a one-time home office allowance and subsidized monthly internet allowance
· Competitive health benefits, dental plans, and retirement savings plan (RRSP, 401K plan etc.)
· Annual fitness allowance
· Mental health support provided through access to Calm Premium meditation app and access to Talkspace
· Access to Udemy, internal training programs, annual training allowance and certifications (if applicable), and High Talent Programs
Cority is committed to a diverse and inclusive work environment. Cority is an equal opportunity employer and does not discriminate based on race, nationality, gender, gender identity, sexual orientation, protected veteran status, age, disability or any other legally protected status. For applicants who would like to request for accommodation please send an email to
[email protected].
