Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data - driven world.
About the role
- Information Security Engineer focusing on Cloud Security at CORTO; designing and implementing security controls for cloud infrastructures.
Responsibilities
- Design, implement, and maintain security controls across Cloud environments, including IAM, networking, logging, encryption, and monitoring
- Review cloud architectures and infrastructure-as-code to ensure alignment with security standards and best practices
- Define and maintain cloud security guardrails, patterns, and technical standards
- Manage, tune, and improve security tooling, including CNAPP, SIEM, XDR, and vulnerability scanning solutions
- Monitor and respond to security alerts and incidents, supporting investigation, root cause analysis, and remediation
- Conduct vulnerability assessments and risk analysis, and track remediation with engineering teams
- Improve detection and response capabilities across cloud, SaaS, and application environments
- Support secure SDLC practices, including threat modelling, design reviews, and security assessments
- Assist with application, container, and API security activities as required
- Support SOC 2 compliance, including control implementation, audits, and evidence collection using GRC tools
- Assist with security questionnaires, customer trust requests, and third-party risk assessments
- Maintain and improve security policies, standards, documentation, and playbooks
- Collaborate closely with DevOps, Engineering, and IT teams to uplift security maturity
- Stay current on cloud security threats, tooling, and industry best practices
Requirements
- 3-5 years of experience in Information Security Engineering roles.
- Strong hands-on experience securing AWS environments.
- Solid understanding of: IAM, least-privilege access, and identity federation
- Network security
- Logging, monitoring, and alerting
- Encryption in transit and at rest
- Microsoft Entra and GCP security
- Experience with at least some of the following: SIEM and alerting platforms
- Vulnerability management tools
- Infrastructure-as-Code
- Endpoint security and MDM
- Security tools, such as Wiz, CrowdStrike, Snyk and Aikido
- Good understanding of security frameworks such as SOC 2, CIS and NIST, or similar.
- Familiarity with cloud security best practices and shared responsibility models.
- Working knowledge of incident response processes.
Benefits
- Your work matters. We solve real world problems that improve and support local, everyday law firms. So they can do their best work for the people in the communities they serve.
- Make an impact. You won’t be another ‘cog in the wheel’ here. We give full trust and autonomy for you to be heard, to work on big & complex projects – and to make a real difference.
- Work with a group of authentic, passionate people who love what they do.
- Well-funded and global. CORTO is part of ATI – one of the largest international LegalTech companies.
- Flexible and hybrid working. We engage, share, and collaborate on ideas and workflows.
- Career and learning opportunities; we move fast and need smart people to get us where we're going. We are a scaling business and looking for people who want to grow with us.
- Have fun with us. Celebrations. Socials. Sports teams. Access to sailing and yacht events.
- We value your well-being - Wellness focus with additional time off, gym membership and other perks.
- Fast-paced tech environment, if we don't disrupt ourselves someone else will do it!
- Access to LEAP Home - a program unique to LEAP to support you in buying your primary residence.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI - driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on - premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.
Financial security advisor at Desjardins developing client relationships and selling life and health insurance products. Focusing on customer satisfaction and personalized financial solutions.
Principal Information Security Consultant at Westpac focusing on security protocols and employee benefits for staff. Hybrid role centrally located with opportunities for professional development and employee perks.
Engineer supporting secure development lifecycle processes for product lines in the energy sector. Collaborating with R&D on security requirements and compliance audits.
Automation Oversight Engineer providing oversight of compliance in automated device configurations for Comcast Business. Managing configuration checks and reporting, ensuring reliable oversight and improvement strategies.