Engineer
Top Benefits
About the role
Who you are
- If you have a strong background in security analytics with experience in log analysis and detection engineering, then we want to talk to you
- Proven expertise building detection capabilities and security monitoring systems, typically gained over 3+ years of relevant experience
- Query language proficiency in Elasticsearch/Lucene, SQL, KQL (Kusto), SPL (Splunk), or similar query languages
- Detection engineering experience creating rules, alerts, and automated response workflows for security events
- Log analysis skills across multiple data sources including cloud logs, application logs, and security tool outputs
- Dashboard and visualization experience with Kibana, Grafana, Tableau, or custom analytics interfaces
- Threat hunting expertise using log data to proactively identify security threats and anomalous behavior
- Scripting and automation abilities in Python, PowerShell, or similar languages for detection automation
- Security tools integration experience with SIEM platforms, SOAR tools, and security orchestration
- Performance optimization skills for query tuning, index optimization, and resource-efficient analytics
- Incident response support experience investigating alerts and providing technical analysis for security incidents
- Advanced analytics experience with machine learning, statistical analysis, or behavioral analytics for security
- Multi-platform detection experience across cloud platforms (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs)
- Custom detection development building detection logic for specific threat frameworks (MITRE ATT&CK, Kill Chain)
- Security certification such as GCTI, GCFA, GNFA, or other threat hunting/forensics certifications
- Open source contributions to detection rule repositories, security analytics tools, or SIEM content
- Data science background with experience in anomaly detection, clustering, or predictive analytics for security
- API integration expertise for automated threat intelligence ingestion and detection rule management
- Cloud security analytics experience with cloud-native security services and serverless detection architectures
- Compliance and reporting experience building analytics for regulatory requirements and security metrics
What the job involves
- Are you someone who's always probing and asking why, someone who enjoys finding patterns in data and building smarter detection logic? If so, we have a spot for you on Clio's new Logging Engineering team! We are looking for the right candidate to develop and optimize our security detection capabilities, and be a technical expert in query optimization and analytics
- Design and implement sophisticated detection rules and queries across ELK stack, security data lakes, and cloud logging platforms
- Build and optimize complex search queries, aggregations, and analytics dashboards for security monitoring
- Develop automated detection workflows and integrate detection logic with incident response systems
- Partner with the security team to translate threat intelligence into actionable detection capabilities
- Create and maintain detection rule libraries, query templates, and security analytics playbooks
- Optimize query performance and resource utilization across large-scale log datasets
- Build custom visualizations, dashboards, and reporting capabilities for security stakeholders
- Investigate security alerts, perform threat hunting, and refine detection accuracy to reduce false positives
- Collaborate with the platform team to influence logging architecture based on detection requirements
- Stay current with emerging threats and translate new attack patterns into detection logic
Benefits
- Company equity
- 401k
- $500 contribution when you become a parent and/or guardian
- RRSP-matching
- Pension plans
- 4-week minimum vacation
- Work from home when you need to (role-specific)
- Parental leave options for moms and dads
- Customizable extended health benefits (including $2000 per year to spend on counseling)
- Wellness programs including an onsite naturopath physiotherapist, and RMT (location-dependent), healthy snacks, and exercise classes
About Clio - Cloud-Based Legal Technology
Clio is the world's leading provider of cloud-based legal technology, providing lawyers with low-barrier, affordable solutions to manage and grow their firms more effectively, more profitably, and with better client experiences. Our products redefine how lawyers manage their firms by equipping them with the tools they need to run their firms securely from any device, anywhere.
For over 16 years, we have been at the forefront of creating innovative, cloud-based solutions tailored to the unique needs of the legal industry. Clio is the legal industry’s only end-to-end software solution for law firms, powering every aspect of the client journey from intake to invoice. Through our innovative platform design, Clio centralizes multiple products, legal payments, technology integrations, and legal workflows in one operating system, so legal professionals can focus on doing what they do best—lawyering.
We have earned the endorsement from over 100+ law societies and bar associations around the world, including recognition from all 50 state bar associations in the United States. We take immense pride in the fact that Clio has the most 5-star reviews of any legal practice management software.
With global headquarters in Vancouver, Canada, Clio boasts a diverse and talented workforce of 1,200 employees and has offices in Toronto, Calgary, Dublin, and Sydney. Our impact reaches far and wide, with more than 150,000 legal professionals that use our technology, spanning across 130 countries. Our robust ecosystem includes partnerships with over 280 app integration partners and 100 Clio Certified Consultants.
Engineer
Top Benefits
About the role
Who you are
- If you have a strong background in security analytics with experience in log analysis and detection engineering, then we want to talk to you
- Proven expertise building detection capabilities and security monitoring systems, typically gained over 3+ years of relevant experience
- Query language proficiency in Elasticsearch/Lucene, SQL, KQL (Kusto), SPL (Splunk), or similar query languages
- Detection engineering experience creating rules, alerts, and automated response workflows for security events
- Log analysis skills across multiple data sources including cloud logs, application logs, and security tool outputs
- Dashboard and visualization experience with Kibana, Grafana, Tableau, or custom analytics interfaces
- Threat hunting expertise using log data to proactively identify security threats and anomalous behavior
- Scripting and automation abilities in Python, PowerShell, or similar languages for detection automation
- Security tools integration experience with SIEM platforms, SOAR tools, and security orchestration
- Performance optimization skills for query tuning, index optimization, and resource-efficient analytics
- Incident response support experience investigating alerts and providing technical analysis for security incidents
- Advanced analytics experience with machine learning, statistical analysis, or behavioral analytics for security
- Multi-platform detection experience across cloud platforms (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs)
- Custom detection development building detection logic for specific threat frameworks (MITRE ATT&CK, Kill Chain)
- Security certification such as GCTI, GCFA, GNFA, or other threat hunting/forensics certifications
- Open source contributions to detection rule repositories, security analytics tools, or SIEM content
- Data science background with experience in anomaly detection, clustering, or predictive analytics for security
- API integration expertise for automated threat intelligence ingestion and detection rule management
- Cloud security analytics experience with cloud-native security services and serverless detection architectures
- Compliance and reporting experience building analytics for regulatory requirements and security metrics
What the job involves
- Are you someone who's always probing and asking why, someone who enjoys finding patterns in data and building smarter detection logic? If so, we have a spot for you on Clio's new Logging Engineering team! We are looking for the right candidate to develop and optimize our security detection capabilities, and be a technical expert in query optimization and analytics
- Design and implement sophisticated detection rules and queries across ELK stack, security data lakes, and cloud logging platforms
- Build and optimize complex search queries, aggregations, and analytics dashboards for security monitoring
- Develop automated detection workflows and integrate detection logic with incident response systems
- Partner with the security team to translate threat intelligence into actionable detection capabilities
- Create and maintain detection rule libraries, query templates, and security analytics playbooks
- Optimize query performance and resource utilization across large-scale log datasets
- Build custom visualizations, dashboards, and reporting capabilities for security stakeholders
- Investigate security alerts, perform threat hunting, and refine detection accuracy to reduce false positives
- Collaborate with the platform team to influence logging architecture based on detection requirements
- Stay current with emerging threats and translate new attack patterns into detection logic
Benefits
- Company equity
- 401k
- $500 contribution when you become a parent and/or guardian
- RRSP-matching
- Pension plans
- 4-week minimum vacation
- Work from home when you need to (role-specific)
- Parental leave options for moms and dads
- Customizable extended health benefits (including $2000 per year to spend on counseling)
- Wellness programs including an onsite naturopath physiotherapist, and RMT (location-dependent), healthy snacks, and exercise classes
About Clio - Cloud-Based Legal Technology
Clio is the world's leading provider of cloud-based legal technology, providing lawyers with low-barrier, affordable solutions to manage and grow their firms more effectively, more profitably, and with better client experiences. Our products redefine how lawyers manage their firms by equipping them with the tools they need to run their firms securely from any device, anywhere.
For over 16 years, we have been at the forefront of creating innovative, cloud-based solutions tailored to the unique needs of the legal industry. Clio is the legal industry’s only end-to-end software solution for law firms, powering every aspect of the client journey from intake to invoice. Through our innovative platform design, Clio centralizes multiple products, legal payments, technology integrations, and legal workflows in one operating system, so legal professionals can focus on doing what they do best—lawyering.
We have earned the endorsement from over 100+ law societies and bar associations around the world, including recognition from all 50 state bar associations in the United States. We take immense pride in the fact that Clio has the most 5-star reviews of any legal practice management software.
With global headquarters in Vancouver, Canada, Clio boasts a diverse and talented workforce of 1,200 employees and has offices in Toronto, Calgary, Dublin, and Sydney. Our impact reaches far and wide, with more than 150,000 legal professionals that use our technology, spanning across 130 countries. Our robust ecosystem includes partnerships with over 280 app integration partners and 100 Clio Certified Consultants.