Clio is the global leader in legal AI technology, empowering legal professionals and law firms of every size to work smarter, faster, and more securely. We are currently seeking a Manager, Security Engineering to join our Security Team, where you will support and grow your team while ensuring strong execution and building solid technical solutions.
Responsibilities:
- Working directly within our codebase shipping code changes, monitoring our Kubernetes clusters, tweaking autoscaling, and/or our CNAPP deployment
- Driving remediation of cloud/infra vulnerabilities against SLA, and producing the audit evidence that keeps our authorizations current
- Collaborating with your team, development and production engineering groups to: understand the challenges our business faces, identify the most impactful opportunities, and craft a roadmap for the team
- Working with your team on designing and implementing the technical solutions that improve Clio’s logging and security posture
- Giving great feedback on code reviews, architecture documents, and more to help support team members making great technical decisions for their projects
- Actively participate as a contributor to the project, either through extensive code reviews, or shipping code
- Having a 1:1 meeting with your direct reports to make sure they are supported in their career growth and development goals
- Actively participating in hiring to grow engineering team at Clio
Requirements:
- Skilled in securing cloud infrastructure such as AWS, GCP/GSuite, GitHub, and IdP, including experience with AWS and/or GCP
- Experience owning a security-compliance program (FedRAMP / StateRAMP / GovRAMP / SOC 2) – audit evidence, continuous monitoring, etc
- Adept with Terraform + GitOps (Flux/Argo) + Kustomize; KEDA-based autoscaling
- Demonstrated success in people leadership in software development, particularly with large scale SaaS products, and a strong background in cloud computing and cloud security
- Diverse base of knowledge that allows you to help your team solve complex technical problems
- Demonstrated ability to hire the best and brightest engineers in a fast-paced job market—and to coach, develop, and retain engineering talent; You are equally energized by both your own technical work as well as contributing to the career growth of your team
- You have strong opinions that are weakly held, and foster that same attitude in others
- You believe in providing honest, actionable feedback to your team, and encourage your team to reciprocate
- You devise roadmaps to guide your team, but aren't beholden to them -- you easily adapt to a constantly changing world
- A philosophy on what makes for great software development teams
- Strong AWS security experience on EC2 and managed services
- Strong understanding of threat vectors, IOCs, malicious behaviour identification, and threat analysis
- Operating a logging/SIEM platform (ELK/OpenSearch/Splunk) at scale and across multiple regions
- Experience with Ruby (on Rails), or Python