Logging & Detection Engineer at Clio

Vancouver, British Columbia, Canada

Apply Now
Clio Logo
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Legal Technology, SecurityIndustries

Requirements

  • Proven expertise building detection capabilities and security monitoring systems, typically gained over 3+ years of relevant experience
  • Query language proficiency in Elasticsearch/Lucene, SQL, KQL (Kusto), SPL (Splunk), or similar query languages
  • Detection engineering experience creating rules, alerts, and automated response workflows for security events
  • Log analysis skills across multiple data sources including cloud logs, application logs, and security tool outputs
  • Dashboard and visualization experience with Kibana, Grafana, Tableau, or custom analytics interfaces
  • Threat hunting expertise using log data to proactively identify security threats and anomalous behavior
  • Scripting and automation abilities in Python, PowerShell, or similar languages for detection automation
  • Security tools integration experience with SIEM platforms, SOAR tools, and security orchestration
  • Performance optimization skills for query tuning, index optimization, and resource-efficient analytics
  • Incident response support experience investigating alerts and providing technical analysis for security incidents
  • Nice to have
  • Advanced analytics experience with machine learning, statistical analysis, or behavioral analytics for security
  • Multi-platform detection experience across cloud platforms (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs)
  • Custom detection development building detection logic for specific threat frameworks (MITRE ATT&CK, Kill Chain)
  • Security certification such as GCTI, GCFA, GNFA, or other threat hunting/forensics certifications

Responsibilities

  • Design and implement sophisticated detection rules and queries across ELK stack, security data lakes, and cloud logging platforms
  • Build and optimize complex search queries, aggregations, and analytics dashboards for security monitoring
  • Develop automated detection workflows and integrate detection logic with incident response systems
  • Partner with the security team to translate threat intelligence into actionable detection capabilities
  • Create and maintain detection rule libraries, query templates, and security analytics playbooks
  • Optimize query performance and resource utilization across large-scale log datasets
  • Build custom visualizations, dashboards, and reporting capabilities for security stakeholders
  • Investigate security alerts, perform threat hunting, and refine detection accuracy to reduce false positives
  • Collaborate with the platform team to influence logging architecture based on detection requirements
  • Stay current with emerging threats and translate new attack patterns into detection logic

Skills

Key technologies and capabilities for this role

ELK StackDetection RulesQuery OptimizationSecurity AnalyticsLog AnalysisSecurity MonitoringThreat IntelligenceIncident ResponseAnalytics DashboardsCloud LoggingAggregationsSearch Queries

Questions & Answers

Common questions about this position

Is this a remote role, or do I need to come into the office?

This role is available to candidates across Canada (excluding Quebec), but if you are local to one of our hubs (Burnaby, Calgary, or Toronto), you will be expected to be in office minimum two days per week for our Anchor Days.

What skills and experience are required for this Logging & Detection Engineer role?

You need proven expertise building detection capabilities and security monitoring systems with 3+ years of relevant experience, proficiency in query languages like Elasticsearch/Lucene, SQL, KQL, or SPL, detection engineering experience creating rules and alerts, log analysis skills across multiple data sources, and dashboard experience with tools like Kibana.

What is the salary or compensation for this position?

This information is not specified in the job description.

What kind of team will I be joining at Clio?

You'll join Clio's new Logging Engineering team within the rapidly growing Security team, focusing on developing and optimizing security detection capabilities as a technical expert in query optimization and analytics.

What makes a strong candidate for this Logging & Detection Engineer position?

A strong candidate is passionate about building sophisticated detection capabilities, enjoys probing data patterns and crafting efficient queries, and has a strong background in security analytics, log analysis, and detection engineering.

Clio

Legal practice management software provider

Website

About Clio

Clio provides legal practice management software that helps law firms operate more efficiently. Its two main products, Clio Grow and Clio Manage, serve different purposes: Clio Grow enhances the client intake process and engagement, while Clio Manage allows firms to organize tasks, manage cases, handle documents, and process payments in one platform. Clio caters to a diverse clientele, from solo practitioners to large firms, and operates on a subscription model, charging users monthly or annually for access to its software. The goal of Clio is to improve the efficiency of legal practices and reduce administrative burdens, ultimately supporting their growth.

Burnaby, CanadaHeadquarters
2008Year Founded
$1,279.9MTotal Funding
SERIES_FCompany Stage
LegalIndustries
1,001-5,000Employees

Benefits

Company equity
401k
Parental leave options and stipend
Flexible paid time off
Stipend to support WFH
Various wellness benefitsand programs

Risks

Emerging AI-driven legal tech startups could challenge Clio's market share.
Staying private may limit Clio's access to public market capital.
Significant investment in AI and expansion may strain Clio's resources.

Differentiation

Clio offers a comprehensive suite for law firm management, including client intake and payments.
Clio's products, Clio Grow and Clio Manage, streamline operations for legal professionals.
Clio's cloud-based platform supports solo practitioners and large law firms alike.

Upsides

Clio raised $900M in 2024, marking the largest Canadian software funding round.
Clio plans to enhance AI capabilities and expand into international markets.
Clio's subscription model generates $200M in annual recurring revenue.

Related Jobs

Roslyn +1 more
Remote iconRemote

Detections Engineer

Shift5
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
Remote
Remote iconRemote

Security Response Engineer, Detection Engineering

Chainlink Labs
Salary not specified
United States
Remote iconRemote

Cloud Engineer III - Next-Gen SIEM (Remote)

Crowdstrike
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Senior/ Staff Security Engineer, Detection and Response

Grow Therapy
$168,000 - $220,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
United States
Remote iconRemote

Backend Engineer, Release Monitoring

LaunchDarkly
Salary not specified
United States
Remote iconRemote

Sr. Detections Content Operations Engineer (Remote)

Crowdstrike
Salary not specified
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)
United States
Remote iconRemote

Security Engineer, Cloud Security

Red Cell Partners
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)

Land your dream remote job 3x faster with AI

Try Jobo Free