Senior Logging & Detection Engineer (AI)

TL;DR

Senior Logging & Detection Engineer (AI): Leading the technical direction within the Security and Logging Engineering teams, building sophisticated, scalable detection architectures and mastering efficient queries at petabyte scale. Focus on driving strategic security analytics through log data and proactively researching emerging threats to translate novel techniques into forward-looking detection logic.

Location: Available to candidates across Canada (excluding Quebec). If you are local to one of our hubs (Burnaby, Calgary, or Toronto) you will be expected to be in office minimum two days per week for our Anchor Days.

Salary: $149,600 to $202,400 CAD

Company

hirify.global is the global leader in legal AI technology, empowering legal professionals and law firms of every size to work smarter, faster, and more securely.

What you will do

• Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms.
• Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency.
• Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems.
• Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities.
• Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering.
• Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates.

Requirements

• Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems.
• Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques.
• Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment.
• Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs.
• Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting.
• Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale.

Nice to have

• Strategic experience with advanced analytics, machine learning, or statistical modeling for security, such as User and Entity Behavior Analytics (UEBA) or predictive threat modeling.
• Multi-platform security architecture experience across major cloud environments (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs).
• Deep, practical experience building custom detection content mapped directly to the MITRE ATT&CK framework, including coverage gap analysis.
• Industry-recognized security certifications such as GCTI, GCFA, GNFA, or CISSP.

Culture & Benefits

• Competitive, equitable salary with top-tier health benefits, dental, and vision insurance.
• Hybrid work environment, with expectation for local hirify.globalns (Vancouver, Calgary, Toronto, Dublin, London, New York City and Sydney) to be in office min. twice per week.
• Flexible time off policy, with an encouraged 20 days off per year.
• $2000 annual counseling benefit.
• RRSP matching and RESP contribution.
• hirify.globalversary recognition program with special acknowledgement at 3, 5, 7, and 10 years.