{bc}
linkedin

Senior CorpSec Analyst

Clio
Vancouver, CAN
Full Time
Senior
Hybrid
1 weeks ago
Incident ResponseDetection EngineeringEDRDLPSIEMPhishing Platforms
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Incident ResponseDetection EngineeringEDR
Smart Apply

Full Job Posting

About The Team

  • CorpSec is transitioning and growing at Clio, into a focused mission driven function within the organization.
  • Security systems and practices are already in place, this role will be responsible for adopting and unifying the systems, communication, and oversight of security systems from across IT Systems, Application Security, and Compliance.

About The Role

  • This role is established for the purpose of driving the cybersecurity definitions and posture across our fleet and systems — leading investigations, owning incident response end to end, and improving the operational quality of how we detect and respond to threats.
  • As Senior CorpSec Analyst, you are both a senior operator and a project lead.

What You'll Do Build & Run — Technical & Operational

  • Lead investigations and incident response for medium and high severity security events — phishing campaigns, insider risk, compromised accounts, data loss concerns — owning the response from triage through resolution and post incident review.
  • Own detection engineering across the corporate security stack — tune DLP, EDR, phishing templates, remediations, and SSO/IdP signals; build correlation rules; reduce false positive rates without sacrificing coverage.
  • Drive root cause analysis after incidents and near misses, then translate findings into durable runbook, control, and tooling changes.
  • Build and maintain automations and integrations that move work left — auto remediation playbooks, signal enrichment, evidence collection pipelines.
  • Define, document, and evolve internal incident response playbooks for insider threat, compromised device, and data loss scenarios.
  • Partner with the Manager, CorpSec on tooling decisions — evaluate, configure, and operate platforms across EDR, DLP, phishing, SIEM, and SOAR.
  • Tune and evolve security tooling for AI detection — address risks of unauthorized data movement, agentic workflows, and the lethal trifecta.
  • Drive correlation and visibility capability across Clio's security stack so detection and investigation stay timely as the company continues to grow.

What You'll Do Lead & Improve — Team & Cross Functional

  • Act as incident commander on high severity events — coordinate response across respective teams, as needed; communicate clearly to stakeholders during and after.
  • Raise the operational bar of the team — coach junior analysts, review their investigations, share patterns and gotchas, and write documentation, scripts, and/or automations for others to learn from.
  • Identify operational health problems before they become incidents — propose, prioritize, and execute the work to close gaps.
  • Drive cross team initiatives that no single team owns — DLP policy refinement, MDM coverage, audit log centralization, AI tooling guardrails.
  • Support security compliance requirements for SOC 2, ISO 27001, GovRAMP, and PCI DSS — own and design technical evidence pipelines, not just one off collection.
  • Maintain Clion trust by communicating transparently and proportionately — we design to protect, not to surveil.

What You Bring

  • 5–8 years of hands on experience in security operations, detection engineering, or incident response.
  • Deep hands on experience with at least three of: EDR, DLP, Phishing platforms, SIEM, or Google Workspace security controls — you've configured, tuned, and operated them in production.
  • Demonstrated experience leading security incidents end to end — you've been the incident commander, not just a contributor.
  • Track record of root cause investigation — you fix the problem, not the symptom, and translate the fix into a durable control or automation.
  • Strong written communication — your runbooks, post incident reviews, and decisions are easy to follow for engineers outside CorpSec.
  • Demonstrated ability to coach or mentor more junior analysts — you raise the bar of those around you, not just your own.
  • Comfort with ambiguity — you can take an open ended problem and produce a concrete, prioritized plan.
  • Experience using, observing, and securing AI systems, platforms, and agents.
  • Growth mindset when it comes to process improvement and new technologies, especially AI.

Preferred

  • Experience designing or operating SIEM or detection as code pipelines.
  • Experience contributing to security compliance programs including SOC 2, ISO 27001, GovRAMP, or FedRAMP.
  • Scripting fluency (Python, Bash, PowerShell) for automating investigation, evidence collection, and remediation.
  • Industry certifications such as CISSP, CISM, GCIH, GCIA, or CompTIA Security+.
  • Comfortable jumping onto due diligence calls if Compliance requires assistance with customer Risk Interviews.

Total Rewards

  • Competitive, equitable salary with top tier health benefits, dental, and vision insurance.
  • Hybrid work environment, with expectation for local Clions to be in office min. twice per week.
  • Flexible time off policy, with an encouraged 20 days off per year.
  • CAD 2000 annual counseling benefit.
  • RRSP matching and RESP contribution.
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Clio