About the role

Corporate Security Analyst managing security operations at Clio, the leading legal AI technology provider. Responsible for protecting Clio from internal and external threats with a collaborative security culture.

Responsibilities

This role acts as an operator of Clio's corporate security toolset, owning the endpoint tools, investigative processes, and organizational culture required to protect Clio from internal and external threats - both accidental and intentional.
You own the day-to-day execution: monitoring alerts, triaging DLP events, running investigations, and keeping the systems that protect Clio running reliably.
Build & Run: Monitor and triage DLP alerts to surface real signals from noise and operate EDR day-to-day by reviewing detections and executing response procedures.
Drive Education: Run phishing simulation campaigns end-to-end - from scheduling to employee education loops - while ensuring that no one is left guessing by communicating clearly when something breaks.
Incident Response: Handle L1/L2 security incidents (phishing, device compromise, data loss) by triaging and containing threats. You take pride in ensuring that alerts don’t age in your queue.
Optimize Systems: Maintain runbooks and support compliance evidence collection (SOC 2, ISO 27001). You adapt when priorities shift and don't need perfect information to make progress.
Technical Growth: Develop scripts to drive auto-remediation and tune security tooling for AI detection to address unauthorized data moves.
Collaborate: Engage with a security culture that solicits feedback and drives visibility across Clio’s security stack (Okta, 1Password, Google Workspace, MDM).

2-4 years of hands-on experience in a security operations, IT security, or endpoint support role.
Tool Proficiency: Hands-on experience with EDR, DLP, Phishing, SSO Platforms, or Google Workspace security controls.
Analytical Mindset: A healthy curiosity to look for the "why" and fix the problem rather than the symptom.
Communication: Clear, evidence-first written communication. You document what you did, what you found, and what you decided.
Judgment: You know when to figure something out independently and when to ask for help.
Demonstrate a keen interest in improving your craft by using AI.
Bonus if you have: Hands-on familiarity with MDM or SIEM in a security incident context.
Experience supporting SOC 2 or ISO 27001 evidence collection.
Exposure to scripting (Python, Bash) for automating investigation or remediation tasks.
Relevant certifications: CISSP, CompTIA Security+, CySA+, or equivalent.

Competitive, equitable salary with top-tier health benefits, dental, and vision insurance
Hybrid work environment, with expectation for local Clions (Vancouver, Calgary, Toronto, Dublin, London, New York City and Sydney) to be in office min. twice per week.
Flexible time off policy, with an encouraged 20 days off per year.
$2000 annual counseling benefit
RRSP matching and RESP contribution
Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years