Logging & Detection Engineer at Clio

Vancouver, British Columbia, Canada

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Legal Technology, Security

Requirements

  • Proven expertise building detection capabilities and security monitoring systems, typically gained over 3+ years of relevant experience
  • Query language proficiency in Elasticsearch/Lucene, SQL, KQL (Kusto), SPL (Splunk), or similar query languages
  • Detection engineering experience creating rules, alerts, and automated response workflows for security events
  • Log analysis skills across multiple data sources including cloud logs, application logs, and security tool outputs
  • Dashboard and visualization experience with Kibana, Grafana, Tableau, or custom analytics interfaces
  • Threat hunting expertise using log data to proactively identify security threats and anomalous behavior
  • Scripting and automation abilities in Python, PowerShell, or similar languages for detection automation
  • Security tools integration experience with SIEM platforms, SOAR tools, and security orchestration
  • Performance optimization skills for query tuning, index optimization, and resource-efficient analytics
  • Incident response support experience investigating alerts and providing technical analysis for security incidents

Nice to have

  • Advanced analytics experience with machine learning, statistical analysis, or behavioral analytics for security
  • Multi-platform detection experience across cloud platforms (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs)
  • Custom detection development building detection logic for specific threat frameworks (MITRE ATT&CK, Kill Chain)
  • Security certification such as GCTI, GCFA, GNFA, or other threat hunting/forensics certifications

Responsibilities

  • Design and implement sophisticated detection rules and queries across ELK stack, security data lakes, and cloud logging platforms
  • Build and optimize complex search queries, aggregations, and analytics dashboards for security monitoring
  • Develop automated detection workflows and integrate detection logic with incident response systems
  • Partner with the security team to translate threat intelligence into actionable detection capabilities
  • Create and maintain detection rule libraries, query templates, and security analytics playbooks
  • Optimize query performance and resource utilization across large-scale log datasets
  • Build custom visualizations, dashboards, and reporting capabilities for security stakeholders
  • Investigate security alerts, perform threat hunting, and refine detection accuracy to reduce false positives
  • Collaborate with the platform team to influence logging architecture based on detection requirements
  • Stay current with emerging threats and translate new attack patterns into detection logic

Skills

ELK Stack
Detection Rules
Query Optimization
Security Analytics
Log Analysis
Security Monitoring
Threat Intelligence
Incident Response
Analytics Dashboards
Cloud Logging
Aggregations
Search Queries

Clio

Legal practice management software provider

About Clio

Clio provides legal practice management software that helps law firms operate more efficiently. Its two main products, Clio Grow and Clio Manage, serve different purposes: Clio Grow enhances the client intake process and engagement, while Clio Manage allows firms to organize tasks, manage cases, handle documents, and process payments in one platform. Clio caters to a diverse clientele, from solo practitioners to large firms, and operates on a subscription model, charging users monthly or annually for access to its software. The goal of Clio is to improve the efficiency of legal practices and reduce administrative burdens, ultimately supporting their growth.

Headquarters: Burnaby, Canada
Year Founded: 2008
Total Funding: $1,279.9M
Company Stage: Series F
Industries: Legal
Employees: 1,001-5,000

Benefits

Company equity
401k
Parental leave options and stipend
Flexible paid time off
Stipend to support WFH
Various wellness benefits and programs

Risks

Emerging AI-driven legal tech startups could challenge Clio's market share.
Staying private may limit Clio's access to public market capital.
Significant investment in AI and expansion may strain Clio's resources.

Differentiation

Clio offers a comprehensive suite for law firm management, including client intake and payments.
Clio's products, Clio Grow and Clio Manage, streamline operations for legal professionals.
Clio's cloud-based platform supports solo practitioners and large law firms alike.

Upsides

Clio raised $900M in 2024, marking the largest Canadian software funding round.
Clio plans to enhance AI capabilities and expand into international markets.
Clio's subscription model generates $200M in annual recurring revenue.
