Senior Cloud Security Engineer

We are currently seeking a Senior Cloud Security Engineer to join our rapidly growing Security team. This role is for someone passionate about building proactive cloud security solutions, implementing advanced detection capabilities, and driving security automation at scale through Infrastructure as Code and policy-driven security. You will be exposed to cutting-edge cloud security challenges and technologies while making a tangible impact on our security architecture.

This role is available to candidates across Canada (excluding Quebec). If you are local to one of our hubs (Burnaby, Calgary, or Toronto) you will be expected to be in office minimum two days per week for our Anchor Days.

Are you someone who’s always probing and asking why, someone who enjoys finding smarter and more efficient solutions to cloud security challenges? If so, we have a spot for you on Clio’s security team. We are looking for the right candidate to develop and run our cloud security architecture and engineering program, and to be an advocate and advisor for cloud-native security overall. If you have a strong cloud operations background with a passion for security and deep experience with Infrastructure as Code security, then we want to talk to you.

• Thrive working in a small team where you can make a big impact on cloud security posture
• Passionate about Infrastructure as Code security, policy-driven security, and cloud governance
• Continually seek better, more efficient ways to secure cloud workloads through automation
• Excel at building security automation using Terraform, policy engines, and security guardrails
• Enjoy the hustle of working in a fast growing successful organization with complex cloud environments
• Demonstrate a keen interest in improving your craft by using AI

• Design and implement security-focused Terraform modules and enforce security policies across cloud infrastructure deployments
• Architect and maintain cloud security guardrails using Open Policy Agent (OPA), AWS Config Rules, Azure Policy, and GCP Organization Policies
• Build security automation pipelines that integrate Terraform security scanning, policy validation, and compliance checks
• Partner with the cloud security manager to develop strategic cloud security architecture and Infrastructure as Code governance
• Develop custom security policies for cloud resources, implementing security-by-default configurations in Terraform providers
• Lead cloud security incident response, perform deep-dive investigations, and architect remediation automation
• Create and maintain security baselines for cloud accounts, implementing preventive controls through policy and code
• Secure Kubernetes deployments through Terraform, implement admission controllers, and integrate security scanning into GitOps workflows
• Drive security compliance automation using Infrastructure as Code for SOC2, ISO 27001, and other frameworks
• Mentor junior team members on cloud security best practices and Infrastructure as Code security patterns

• Senior-level cloud security expertise securing multi-cloud environments through Infrastructure as Code
• Advanced Terraform proficiency including custom providers, security modules, policy integration, and state management security
• Policy as Code expertise with Open Policy Agent (OPA), Rego, AWS Config, Azure Policy, or GCP Organization Policies
• Cloud security architecture experience designing secure multi-account/subscription strategies and landing zones
• DevSecOps leadership implementing security-first CI/CD pipelines, GitOps security, and shift-left security practices
• Cloud compliance automation building Infrastructure as Code solutions for regulatory compliance and governance
• Advanced scripting and automation in Python, Ruby, Go, or similar for complex security automation and policy enforcement
• Container security depth including Kubernetes security hardening, admission controllers, and runtime security policies
• Cloud governance experience with multi-cloud security policies, cost security optimization, and resource governance
• Security incident response leadership in cloud environments with automation and playbook development

• Infrastructure as Code security certifications such as Terraform Associate/Professional, CKS, or HashiCorp Security certifications
• Policy engine expertise with advanced OPA/Gatekeeper, Sentinel, or Cedar policy development
• Cloud security platform integration with Terraform providers for Prisma Cloud, Wiz, Lacework, or similar CNAPP tools
• Multi-cloud governance experience implementing consistent security policies across AWS, Azure, and GCP using Terraform
• Security automation frameworks experience with custom Terraform providers, policy testing frameworks, and security validation pipelines
• Cloud penetration testing with Infrastructure as Code attack vectors and cloud configuration security assessments
• Advanced compliance automation implementing continuous compliance monitoring through Infrastructure as Code
• Mentorship and technical leadership experience leading cloud security engineering teams and setting security standards
• Open source contributions to Terraform security modules, OPA policies, or cloud security tools

Compensation is one of the main components of Clio’s Total Rewards Program. We have developed a series of programs and processes to ensure we are creating fair and competitive pay practices that form the foundation of our human and high-performing culture.

• Competitive, equitable salary with top-tier health benefits, dental, and vision insurance
• Hybrid work environment, with expectation for local Clions (Vancouver, Calgary, Toronto, and Dublin) to be in office minimum 2 days per week on our Anchor Days
• Flexible time off policy, with an encouraged 20 days off per year
• $2000 annual counseling benefit
• RRSP matching and RESP contribution
• Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years

The full salary range for this role is CAD 146,200 to 197,800. Please note salary bands may differ based on location and local currency. Additionally, benefit offerings may differ depending on the employee’s location.

Diversity, Inclusion, Belonging and Equity (DIBE) & Accessibility

Our team shows up as their authentic selves, and are united by our mission. We are dedicated to diversity, equity and inclusion. We pride ourselves in building and fostering an environment where our teams feel included, valued, and enabled to do the best work of their careers, wherever they choose to log in from. We believe that different perspectives, skills, backgrounds, and experiences result in higher-performing teams and better innovation. We are committed to equal employment and we encourage candidates from all backgrounds to apply.

Clio provides accessibility accommodations during the recruitment process. Should you require any accommodation, please let us know and we will work with you to meet your needs.

Learn more about our culture at clio.com/careers

Disclaimer: We only communicate with candidates through official @clio.com email addresses.

Post your resume on T-Net and let employers come to you.

Registration on or use of this website constitutes acceptance of our Terms of Use.