Elastic is the world's leading software provider for making structured and unstructured data usable in real time for search, logging, security, and analytics use cases. Founded in 2012 by the people behind the Elasticsearch, Kibana, Beats, and Logstash open source projects, Elastic's global community has more than 80,000 members across 45 countries, and since its initial release. Elastic's products have achieved more than 100 million cumulative downloads. Today thousands of organizations, including Cisco, eBay, Dell, Goldman Sachs, Groupon, HP, Microsoft, Netflix, The New York Times, Uber, Verizon, Yelp, and Wikipedia, use the Elastic Stack, X-Pack, and Elastic Cloud to power mission-critical systems that drive new revenue opportunities and massive cost savings. Elastic is backed by more than $104 million in funding from Benchmark Capital, Index Ventures, and NEA; has headquarters in Amsterdam, the Netherlands, and Mountain View, California; and has over 600 employees in more than 30 countries around the world.
We are looking for a Senior Security Engineer to join the Information Security Team at Elastic. The right person for this role will have deep knowledge of security operations in addition to some breadth of experience in other facets of security such as risk management, compliance, incident response, and threat hunting.
- As a part of the InfoSec Team, the Security Engineering’s core responsibility is to develop and operate Elastic’s centralized security services.
- Develop Elastic’s internal security threat analytics platform and collaborate with product focused teams as part of security operations.
- Work effectively with stakeholders in IT, Finance, Legal, Engineering, and Product, and demonstrate being able to engage at sufficient technical depth with our products.
- Play a meaningful role in Security Incident planning and response
- Participate in security risk assessments
- Provide security policy guidance to Elastic employees
- Perform vulnerability scans and coordinate remediation
- BA or a higher degree in a technical field (e.g. EE, CS)
- 5 years of relevant work experience across engineering and IT organizations, including security incident response, threat analytics, security operations, and security risk management.
- You are deeply passionate about actionable security analytics and threat hunting.
- You care about operational efficiency and can embrace a DevOps approach to cloud operations.
- Experience with security and compliance requirements for cloud or SaaS services including SOC2 and ISO27001 or similar certifications.
- Technical aptitude and attention to detail
- Excellent spoken and written communication skills
- Ability to adapt and flex to diverse development methodologies and across different teams. Collaboration work can often span timezones and requires flexibility for working asynchronously with some teams, and directly with others.
Preferred skills and hands on experience with one or more of the following:
- Experience with DevOps security operations for a large scale SaaS platform.
- Threat hunting for a large scale SaaS platform
- Experience with Open Source and the Elastic Stack
- Experience with Linux and Containerized deployment
- Automation software such as Ansible, Terraform, Chef, Puppet
- Familiarity with cloud technologies (such as AWS, Azure, and GCP)
- Web application security - automated and manual pen testing
- Network security: experience building secure cross-region SDNs in cloud platforms such as AWS, GCP, and Azure
- CISSP, CISM, CCSK, CCSP, or similar certification.
- Competitive pay and benefits
- Stock options
- Catered lunches, snacks, and beverages in most offices
- An environment in which you can balance great work with a great life
- Passionate people building great products
- Distributed-first company with employees in over 34 countries, spread across 18 time zones, and speaking over 30 languages!
Target locations: Washington D.C.; New York, NY; London, UK; Amsterdam, The Netherlands
Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.