Clio is more than just a technical company-we ​​are a global pioneer that transforms the legal experience for all Improving the lives of legal professionals while Increased access to justice.

summary:

We are currently looking for Detection engineer To join our fast security team and our new registration engineering team. This role is for an enthusiastic person to build advanced detection capabilities, formulate effective queries, and lead safety analyzes through registry data. You will focus on the detection and analysis layer of our registration platform with a concrete effect on our safety monitoring capabilities.

This role is available to candidates throughout Canada (with the exception of Quebec). If you are locally for one of our centers (Burnaby, Calgary or Toronto), it is expected to be in the office at least two days a week for the anchor days.

What does your team do?

Are you always looking and asking why, someone enjoying finding data patterns and building a more intelligent discovery logic? If so, we have a place for you in the new tree -cutting engineering team! We are looking for the right candidate to develop and improve our safety discovery capabilities, and we are a technical expert in improving the query and its analyzes. If you have a strong background in safety analyzes with experience in the registry analysis and detection engineering, we want to talk to you.

What will you do

• Designing and implementing advanced detection rules and information through the AIs staple, safety data lakes, and cloud registration platforms
• Building and improving complex research information, gatherings and analysis information plates to monitor safety
• Developing the workflow of automatic detection and integrating the logic of detection with accident response systems
• A partner with the security team to translate the threat intelligence into the process of discovering the process
• Create and maintain the disclosure base libraries, inquiries, and security analysis writings
• Improving the performance of the query and the use of resources through the registry data sets on a large scale
• Building allocated perceptions, information panels and reporting capabilities of the security services
• Investigation of security alerts, the performance of threat hunting, and the refinement of the accuracy of the disclosure to reduce the wrong positives
• Cooperation with the Al -Manjah team to influence the registration structure based on the requirements
• Currently stay with emerging threats and translate new attack patterns into the logic of detection

What you are attending

• The possibilities of detecting experience and security monitoring systems have been proven, which are usually obtained over 3 years of relevant experience.
• The efficiency of the language of query in Elasticsearch/Lucene, SQL, KQL (Kusto), Spl (Splink), or similar inquiries
• Engineering experience to reveal the creation of rules, alerts and the progress of the mechanical response to safety events
• Register analysis skills via multiple data sources, including cloud records, application records, and safety tool outputs
• The dashboard and the experience of perception with KIBANA, Grafana, Tableau, or Custom ANYTICS facades
• The threat hunting experience using registry data to determine security threats and abnormal behavior in a proactive way
• Python or automation capabilities in Python, Powershell or similar languages ​​of the detection machine
• Experience of safety tools with SIEM platforms, soar tools, and security coordination
• Performance improvement skills to control the query and improve the index and resource -saving analyzes
• The experience of supporting incidents of incidents investigating alerts and providing technical analysis of security accidents

Nice to be

• The experience of advanced analyzes with machine learning, statistical analysis, or behavioral analysis of security
• Experiment to detect multi -platforms via cloud platform
• The logic of detection of detection detection detected for specific threat frameworks (MITER Att & CK, killing chain)
• Security certificate like GCTI, GCFA, GNFA or other threats/forensic hunting certificates
• Open source contributions to detection base warehouses, safety analysis tools, or SIEM content
• Data science background with experience in detecting anomalies, assembly or predictive analyzes of security
• API (API
• Cloud safety analysis experience with cloud original safety services and server detection
• Experience of compliance and reporting in building analyzes of organizational requirements and security standards

What you will find here:

Compensation is one of the main components of the Clio reward program. We have developed a series of programs and operations to ensure the creation of fair and competitive salaries practices that constitute the basis of our human and high -performance culture.

Some outstanding points include the total rewards program:

• A competitive and fair salary with first -class health benefits, teeth insurance, and vision insurance
• The hybrid work environment, with local cloned forecasts (Vancouver, Calgary, Toronto, and Dublin) to be at the office at least two days a week on our link days.
• A flexible vacation policy, with the encouragement of 20 days a year.
• $ 2000 annual advice
• RRSP match and Resp’s contribution
• Cliosary recognition program with special recognition on 3, 5, 7 and 10 years

The full salary range* for this floor ranges from $ 116,500 to $ 137,000 to $ 157,500. Observation salaries can vary based on the location and local currency. In addition, benefits may vary depending on the employee’s website.

*We aim to employ all candidates between the minimum and the mid -salary point. We keep the middle point to the maximum salary squad for internal employees who prove the continuous high performance and its effect on Clio. The final offer amount of this role depends on individual experience and candidate skills. Please note that there is a separate group of salary teams for other regions based on the local currency.

Diversity, inclusion, belonging, stocks (DIBE) and accessibility

Our team shows themselves authentic, and they unite through our mission. We are devoted to Diversity, fairness and inclusion. We are proud to build and strengthen an environment in which our teams, including, appreciate and enable the best work in their career, wherever they choose to log in from them. We believe that different views, skills, backgrounds and experiences lead to high performance difference and better innovation. We are committed to equal employment and encourage candidates from all backgrounds to apply.

CLIO provides access places during the recruitment process. If you need any housing, please tell us and we will work with you to meet your needs.

Learn more about our culture in Clio.com/careers

Slip: We only communicate with the candidates through official email addresses @Clio.com.