Senior CorpSec Analyst
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Clio, the global leader in legal AI technology, seeks a Senior CorpSec Analyst to drive cybersecurity definitions and posture across systems. The role involves leading investigations, owning incident response, and improving detection and response quality.
Key Skills for This Role
Responsibilities
- Lead investigations and incident response for medium and high severity security events
- Own detection engineering across the corporate security stack
- Drive root cause analysis after incidents and near misses
- Build and maintain automations and integrations
- Define, document, and evolve internal incident response playbooks
- Partner with the Manager, CorpSec on tooling decisions
- Tune and evolve security tooling for AI detection
- Drive correlation and visibility capability across Clio's security stack
- Act as incident commander on high severity events
- Raise the operational bar of the team — coach junior analysts
- Identify operational health problems before they become incidents
- Drive cross team initiatives that no single team owns
Requirements
- 5–8 years of hands on experience in security operations, detection engineering, or incident response
- Deep hands on experience with at least three of: EDR, DLP, Phishing platforms, SIEM, or Google Workspace security controls
- Demonstrated experience leading security incidents end to end
- Track record of root cause investigation
- Strong written communication
- Demonstrated ability to coach or mentor more junior analysts
- Comfort with ambiguity
- Experience using, observing, and securing AI systems, platforms, and agents
- Growth mindset when it comes to process improvement and new technologies, especially AI
Full Job Posting
About The Team
- CorpSec is transitioning and growing at Clio, into a focused mission driven function within the organization.
- Security systems and practices are already in place, this role will be responsible for adopting and unifying the systems, communication, and oversight of security systems from across IT Systems, Application Security, and Compliance.
About The Role
- This role is established for the purpose of driving the cybersecurity definitions and posture across our fleet and systems — leading investigations, owning incident response end to end, and improving the operational quality of how we detect and respond to threats.
- As Senior CorpSec Analyst, you are both a senior operator and a project lead.
What You'll Do Build & Run — Technical & Operational
- Lead investigations and incident response for medium and high severity security events — phishing campaigns, insider risk, compromised accounts, data loss concerns — owning the response from triage through resolution and post incident review.
- Own detection engineering across the corporate security stack — tune DLP, EDR, phishing templates, remediations, and SSO/IdP signals; build correlation rules; reduce false positive rates without sacrificing coverage.
- Drive root cause analysis after incidents and near misses, then translate findings into durable runbook, control, and tooling changes.
- Build and maintain automations and integrations that move work left — auto remediation playbooks, signal enrichment, evidence collection pipelines.
- Define, document, and evolve internal incident response playbooks for insider threat, compromised device, and data loss scenarios.
- Partner with the Manager, CorpSec on tooling decisions — evaluate, configure, and operate platforms across EDR, DLP, phishing, SIEM, and SOAR.
- Tune and evolve security tooling for AI detection — address risks of unauthorized data movement, agentic workflows, and the lethal trifecta.
- Drive correlation and visibility capability across Clio's security stack so detection and investigation stay timely as the company continues to grow.
What You'll Do Lead & Improve — Team & Cross Functional
- Act as incident commander on high severity events — coordinate response across respective teams, as needed; communicate clearly to stakeholders during and after.
- Raise the operational bar of the team — coach junior analysts, review their investigations, share patterns and gotchas, and write documentation, scripts, and/or automations for others to learn from.
- Identify operational health problems before they become incidents — propose, prioritize, and execute the work to close gaps.
- Drive cross team initiatives that no single team owns — DLP policy refinement, MDM coverage, audit log centralization, AI tooling guardrails.
- Support security compliance requirements for SOC 2, ISO 27001, GovRAMP, and PCI DSS — own and design technical evidence pipelines, not just one off collection.
- Maintain Clion trust by communicating transparently and proportionately — we design to protect, not to surveil.
What You Bring
- 5–8 years of hands on experience in security operations, detection engineering, or incident response.
- Deep hands on experience with at least three of: EDR, DLP, Phishing platforms, SIEM, or Google Workspace security controls — you've configured, tuned, and operated them in production.
- Demonstrated experience leading security incidents end to end — you've been the incident commander, not just a contributor.
- Track record of root cause investigation — you fix the problem, not the symptom, and translate the fix into a durable control or automation.
- Strong written communication — your runbooks, post incident reviews, and decisions are easy to follow for engineers outside CorpSec.
- Demonstrated ability to coach or mentor more junior analysts — you raise the bar of those around you, not just your own.
- Comfort with ambiguity — you can take an open ended problem and produce a concrete, prioritized plan.
- Experience using, observing, and securing AI systems, platforms, and agents.
- Growth mindset when it comes to process improvement and new technologies, especially AI.
Preferred
- Experience designing or operating SIEM or detection as code pipelines.
- Experience contributing to security compliance programs including SOC 2, ISO 27001, GovRAMP, or FedRAMP.
- Scripting fluency (Python, Bash, PowerShell) for automating investigation, evidence collection, and remediation.
- Industry certifications such as CISSP, CISM, GCIH, GCIA, or CompTIA Security+.
- Comfortable jumping onto due diligence calls if Compliance requires assistance with customer Risk Interviews.
Total Rewards
- Competitive, equitable salary with top tier health benefits, dental, and vision insurance.
- Hybrid work environment, with expectation for local Clions to be in office min. twice per week.
- Flexible time off policy, with an encouraged 20 days off per year.
- CAD 2000 annual counseling benefit.
- RRSP matching and RESP contribution.
- Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Clio
Senior Content Strategist, Enterprise
Calgary, CAN
Clio is hiring a Senior Content Strategist for a 12-month contract to cover maternity leave. You will produce polished content across formats, review team output, and contribute strategic input for enterprise audiences.
Senior Implementation Consultant
Vancouver, CAN
Clio seeks a Senior Implementation Manager to join the Customer Success team, responsible for delivering implementation services to high-value customers, ensuring seamless integration and adoption of Clio products. The r
Senior Partner Account Manager
Toronto, CAN
Clio is hiring a Senior Partner Account Manager to join their Channel team, managing a portfolio of partners and driving sourced revenue. The role involves building strategic relationships, enabling partners, and co-sell
Senior Project Manager
Vancouver, CAN
Clio is hiring a Senior Project Manager to join its PMO team in Vancouver, Calgary, or Toronto. You will lead end-to-end management of complex cross-functional projects such as product launches, global expansion, and M&A
Senior Project Manager
Calgary, CAN
Clio is the global leader in legal AI technology, empowering legal professionals and law firms of every size to work smarter, faster, and more securely. We are transforming the legal experience for all by bettering the l
Systems Specialist, FP&A
Calgary, CAN
Clio is seeking a Systems Specialist, FP&A to join their FP&A Systems team. The role involves administering the EPM platform (Pigment), managing ticket lifecycles, and supporting financial planning and reporting processe
Customer Success Manager
Calgary, CAN
Clio is seeking a Customer Success Manager to manage high-value accounts, drive retention and growth, and guide customers in adopting AI-powered legal technology. The role requires 3+ years of B2B SaaS customer-facing ex
Intermediate Customer Onboarding Specialist (12 month Contract)
Vancouver, CAN
Clio seeks an Intermediate Customer Onboarding Specialist on a 12-month contract to deliver exceptional onboarding experiences for legal professionals. The role requires strong customer focus, technical expertise, and th
Senior Content Strategist, Enterprise
Calgary, CAN
Senior Implementation Consultant
Vancouver, CAN
Senior Partner Account Manager
Toronto, CAN
Senior Project Manager
Vancouver, CAN
Senior Project Manager
Calgary, CAN
Systems Specialist, FP&A
Calgary, CAN
Customer Success Manager
Calgary, CAN
Intermediate Customer Onboarding Specialist (12 month Contract)
Vancouver, CAN