IT Risk and Compliance (R6385)


Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at

We are looking for an IT Risk & Compliance (R&C) Analyst to join our growing IT Risk & Compliance (R&C) team! The IT R&C team's mission is to educate risk-concepts to Elasticians and facilitating the risk management and audit experience by acting as a key contact within IT to generate thought leadership, provide guidance, and evidence collection.

The ideal candidate is a self-motivated individual who appreciates a practical approach to risk and compliance, and someone who is passionate about understanding the "why" in managing risk. In your role as a trusted advisor, you’ll proactively consult on matters of risk management within IT, as well as your peers in the Information Security, Internal Audit, and other teams at Elastic.

What you will be doing

  • Assist in the implementation of the IT General Controls program
  • Educate a diverse workforce in the “why”, “what”, and “who” of internal controls
  • Identify and document requirements, risks and control designs
  • Assist with internal controls walkthroughs and obtaining evidence requested from audit teams
  • Aid in designing new processes or controls to enhance our risk management program
  • Aid the remediation effort for control failures and process improvements
  • Aid in the review of internal controls and security of systems under development as well as major IT projects and initiatives

What You Bring Along:

  • 3 to 4 years of experience in IT Audit or IT Risk Advisory from a public accounting firm, a professional services firm, or a public company
  • A deep understanding of IT General Controls and the role they play in an overall control environment is a must
  • Knowledge of how periodic user access reviews work, and critical audit testing attributes
  • Experience with reviewing and analyzing SOC1/2 reports
  • Ability to manage multiple tasks and priorities, and to stay organized and efficient in a fast-paced environment
  • Good communication skills and ability to work effectively across multiple functional and business groups
  • Ability to think critically and creatively to help identify issue resolutions
  • Demonstrated creativity and flexibility in problem solving and project collaboration

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

  • Competitive pay based on the work you do here and not your previous salary
  • Health coverage for you and your family in many locations
  • Ability to craft your calendar with flexible locations and schedules for many roles
  • Generous number of vacation days each year
  • Double your charitable giving - We match up to $1500 (or local currency equivalent)
  • Up to 40 hours each year to use toward volunteer projects you love
  • Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email We will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)

Please see here for our Privacy Statement.

Powered By Ongig