Logging & Detection Engineer
Logging & Detection Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Summary:
We are currently seeking a Logging & Detection Engineer to join our rapidly growing Security team and our new Logging Engineering team. This role is for someone passionate about building sophisticated detection capabilities crafting efficient queries and driving security analytics through log data. You will focus on the detection and analysis layer of our logging platform while making a tangible impact on our security monitoring capabilities.
This role is available to candidates across Canada (excluding Quebec). If you are local to one of our hubs (Burnaby Calgary or Toronto) you will be expected to be in office minimum two days per week for our Anchor Days.
What your team does
Are you someone whos always probing and asking why someone who enjoys finding patterns in data and building smarter detection logic If so we have a spot for you on Clios new Logging Engineering team! We are looking for the right candidate to develop and optimize our security detection capabilities and be a technical expert in query optimization and analytics. If you have a strong background in security analytics with experience in log analysis and detection engineering then we want to talk to you.
What youll work on
Design and implement sophisticated detection rules and queries across ELK stack security data lakes and cloud logging platforms
Build and optimize complex search queries aggregations and analytics dashboards for security monitoring
Develop automated detection workflows and integrate detection logic with incident response systems
Partner with the security team to translate threat intelligence into actionable detection capabilities
Create and maintain detection rule libraries query templates and security analytics playbooks
Optimize query performance and resource utilization across large-scale log datasets
Build custom visualizations dashboards and reporting capabilities for security stakeholders
Investigate security alerts perform threat hunting and refine detection accuracy to reduce false positives
Collaborate with the platform team to influence logging architecture based on detection requirements
Stay current with emerging threats and translate new attack patterns into detection logic
What you bring
Proven expertise building detection capabilities and security monitoring systems typically gained over 3 years of relevant experience.
Query language proficiency in Elasticsearch/Lucene SQL KQL (Kusto) SPL (Splunk) or similar query languages
Detection engineering experience creating rules alerts and automated response workflows for security events
Log analysis skills across multiple data sources including cloud logs application logs and security tool outputs
Dashboard and visualization experience with Kibana Grafana Tableau or custom analytics interfaces
Threat hunting expertise using log data to proactively identify security threats and anomalous behavior
Scripting and automation abilities in Python PowerShell or similar languages for detection automation
Security tools integration experience with SIEM platforms SOAR tools and security orchestration
Performance optimization skills for query tuning index optimization and resource-efficient analytics
Incident response support experience investigating alerts and providing technical analysis for security incidents
Nice to have
Advanced analytics experience with machine learning statistical analysis or behavioral analytics for security
Multi-platform detection experience across cloud platforms (AWS CloudTrail Azure Activity Logs GCP Audit Logs)
Custom detection development building detection logic for specific threat frameworks (MITRE ATT&CK Kill Chain)
Security certification such as GCTI GCFA GNFA or other threat hunting/forensics certifications
Open source contributions to detection rule repositories security analytics tools or SIEM content
Data science background with experience in anomaly detection clustering or predictive analytics for security
API integration expertise for automated threat intelligence ingestion and detection rule management
Cloud security analytics experience with cloud-native security services and serverless detection architectures
Compliance and reporting experience building analytics for regulatory requirements and security metrics
What you will find here:
Compensation is one of the main components of Clios Total Rewards Program. We have developed a series of programs and processes to ensure we are creating fair and competitive pay practices that form the foundation of our human and high-performing culture.
Some highlights of our Total Rewards program include:
Competitive equitable salary with top-tier health benefits dental and vision insurance
Hybrid work environment with expectation for local Clions (Vancouver Calgary Toronto and Dublin) to be in office minimum 2 days per week on our Anchor Days.
Flexible time off policy with an encouraged 20 days off per year.
$2000 annual counseling benefit
RRSP matching and RESP contribution
Clioversary recognition program with special acknowledgement at 3 5 7 and 10 years
*We aim to hire all candidates between the minimum and the midpoint of the full salary range. We reserve the midpoint to the maximum of the salary band for internal employees who demonstrate sustained high performance and impact at Clio. The final offer amount for this role will be dependent on individual experience and skillset of the candidate. Please note there are a separate set of salary bands for other regions based on local currency.
Diversity Inclusion Belonging and Equity (DIBE) & Accessibility
Our team shows up as their authentic selves and are united by our mission. We are dedicated todiversity equity and inclusion. We pride ourselves in building and fostering an environment where our teams feel included valued and enabled to do the best work of their careers wherever they choose to log in from. We believe that different perspectives skills backgrounds and experiences result in higher-performing teams and better innovation. We are committed to equal employment and we encourage candidates from all backgrounds to apply.
Clio provides accessibility accommodations during the recruitment process. Should you require any accommodation please let us know and we will work with you to meet your needs.
Learn more about our culture at We only communicate with candidates through official @ email addresses.
Employment Type
Full-Time
