Who you are

• Proven Leadership: Experience leading, managing, or mentoring security teams within a fast-paced environment
• Deep Technical Foundation: 6–8 years of hands-on InfoSec experience, specifically with endpoint security, email security, and security operations
• Tooling Proficiency: Direct experience operating at least two of: EDR, DLP, Phishing, SIEM, SSO Providers, or Google Workspace security controls
• Autonomous Drive: The ability to operate independently—you are comfortable starting as a primary practitioner and don't need a pre-built playbook to get to work
• Communication Skills: The ability to explain complex security risks and decisions to non-technical stakeholders with clarity and empathy
• Principled Approach: You understand the natural tension between security visibility and employee trust, and you navigate it thoughtfully
• Growth Mindset: A healthy curiosity to fix the "why" behind a problem rather than just the symptom, especially when it comes to new technologies like AI
• Experience assessing AI-related risks or augmenting AI into security processes
• Prior exposure to enterprise frameworks like NIST, ISO 27001, or FedRAMP
• Professional certifications such as CISSP, CISM, or CompTIA Security+
• Experience with MDM systems and advanced incident management workflows

What the job involves

• For our Manager, CorpSec, this means transforming our security systems into a mission-driven function that unifies IT Systems, Application Security, and Compliance
• You will lead a team dedicated to owning our cybersecurity posture—protecting Clio from internal and external threats while building upon the deep trust we’ve established within the organization
• This is a "player-coach" role where you will be both a builder and an operator, driving a principled approach to security that is deeply integrated into Clio’s culture
• Building & Running: Deploying, configuring, and tuning our Data Loss Prevention (DLP) capabilities and owning the operational management of EDR
• Leading from the Front: Remaining hands-on with the tools that matter—from phishing simulations to AI detection—while developing the response procedures that keep us safe
• Architecting Response: Building and maintaining internal incident response playbooks for insider threats, compromised devices, and accidental data leaks
• Innovating with AI: Partnering with SMEs to evaluate and deploy AI security tooling, ensuring we move data safely and mitigate emerging risks
• Mentoring & Growing: Directly supervising and coaching your team, supporting their professional development, and fostering a culture of feedback and transparency
• Cross-Functional Partnership: Working closely with Privacy, Compliance, and IT teams to ensure technical controls align with global standards like SOC 2, ISO, and HIPAA
• Closing the Loop: Designing employee education workflows and onboarding programs so every "Clion" understands their role in our security posture

Benefits

• Company equity
• 401k
• $500 contribution when you become a parent and/or guardian
• RRSP-matching
• Pension plans
• 4-week minimum vacation
• Work from home when you need to (role-specific)
• Parental leave options for moms and dads
• Customizable extended health benefits (including $2000 per year to spend on counseling)
• Wellness programs including an onsite naturopath physiotherapist, and RMT (location-dependent), healthy snacks, and exercise classes