Elasticsearch - Principal Software Engineer


Elastic is a search company built on a free and open heritage. Anyone can use Elastic products and solutions to get started quickly and frictionlessly. Elastic offers three solutions for enterprise search, observability, and security, built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe and is publicly traded on the NYSE under the symbol ESTC. Learn more at elastic.co.

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data for lightning fast search, fine-tuned relevancy, and powerful analytics that scale with ease. The Elasticsearch Security team is responsible for a range of security features, including Identity and Access management, Auditing, TLS and Certificate Management, and Cryptography. We’re the team that builds the sorts of things that show up under a “Security” heading on a product feature list. Here’s exactly that list for the Elastic Stack. This role will provide opportunities to learn more about each of these areas of security, and to influence how these features are used within Elastic's Cloud, and our Enterprise Search, Observability, and Security solutions. As Elasticsearch and the Solutions built upon it continue to grow rapidly, our roadmap is packed full of exciting projects. Here is a sample of recent and current projects you could be making an impact on:

Operator Privileges.  Implementing API based security controls for Cloud that distinguish between "operators" (Cloud) and "administrators" (customers). We want to protect our users from unintentionally causing themselves harm by limiting access to certain APIs intended only for operators.

Encrypted Snapshots. Snapshots are how you perform backups in Elasticsearch. We’re adding in-product encryption support to Elasticsearch snapshot & restore.

Security on by default.  The "Security on by Default" project aims to enable Stack security features are ON for every installation of our software to ensure users and their data are protected from unauthorized access. This is a very high impact and visible project that the team is focussed on right now.

Want to find out what it’s like to work on the team? Here’s Ioannis, our Principal Java Engineer

“Hi! I'm Ioannis! I have been working for Elastic for almost 5 years. Whether it’s on premise Elasticsearch installations or huge deployments in Elastic Cloud, it’s satisfying to know that the features that our team builds keep our users and their sensitive data safe. It’s amazing to have that level of impact! On a daily basis, we get to solve interesting technical challenges - balancing the tradeoffs between security and the ease of use that makes Elastic’s products so special. “

What You Will Be Doing:

  • Working in a hands-on capacity on a successful, high profile Java project used throughout the world for multiple use cases
  • Applying your experience in software development to design and build new security features in Elasticsearch, that strike a balance between usability, performance and security trade-offs,
  • Evolving the existing authentication and authorization features of Elasticsearch and the Elastic Stack.
  • Working with other teams across Elastic to build and expand the foundation of security for Elastic's products.
  • Prototyping new ideas and experimenting openly.
  • Collaborating in the open with the Elasticsearch team, Elastic Stack users, and others supporting open source projects.
  • Working with the community on bugs and performance issues and assisting support engineers with tougher customer issues.

What You Bring Along:

  • Strong experience in software engineering, preferably with a focus on server side Java development.
  • You are highly proficient in Java, conversant in the standard library of data structures and concurrency constructs.
  • Strong algorithm implementation and optimization skills.
  • An interest in the security area.
  • Experience of independently designing and implementing new features.

Bonus Points

  • Experience in any of the following:
    • Authentication protocols such as SAML, OpenID Connect or LDAP
    • TLS and X.509 certificate management
    • Cryptography, including hashing and encryption.
  • Awareness of application security fundamentals, and an ability to think through security risks and trade-offs.
  • Experience designing, leading and owning cross-functional initiatives.
  • You've worked in open source before and are familiar with different styles of source control workflow and continuous integration.
  • You've built things with Elasticsearch before, and understand how distributed systems operate and the limitations and advantages.

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

  • Competitive pay based on the work you do here and not your previous salary
  • Health coverage for you and your family in many locations
  • Ability to craft your calendar with flexible locations and schedules for many roles
  • Generous number of vacation days each year
  • Double your charitable giving - We match up to $1500 (or local currency equivalent)
  • Up to 40 hours each year to use toward volunteer projects you love
  • Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please complete our Candidate Accessibility Request Form.

Applicants have rights under Federal Employment Laws, view posters linked below:
Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.

Covid Policy Learn about Elastic's Culture

Notify Me of Open Positions

Sign in with your social account to receive emails when Elastic posts open positions you might be interested in:

Powered By Ongig