Security - Research Engineer (R5557)

Apply     

At Elastic, we see endless possibility in a world of endless data. And we use the power of search to help people and organizations turn that possibility into results. Elastic is the leading platform for search-powered solutions. With solutions in Enterprise Search, Observability, and Security, we help improve customer and employee search experiences, keep critical applications running smoothly, and protect against cyber threats. Elastic enables organizations worldwide to use the power of Elastic, including Netflix, Uber, BBC, Microsoft, and thousands of others.

Elastic was built on a foundation of being free and open, which trickles down to how we work. We’re a distributed organization and have been from the beginning. Being distributed isn’t just a way of doing business—it’s a mentality that is at the core of our culture.

The Threat Research and Detection Engineering (TRaDE) team is responsible for threat research to develop detection logic for Elastic products, mitigating emerging threats, and collaborating with the community - democratizing the space by sharing knowledge and capabilities. 

We’re looking for a Security Engineer with an operational background who wants to make offensive techniques expensive, develop tools and infrastructure with Elastic technologies to discover and block threats for our users. You will collaborate with the broader Elastic Security team, a diverse set of security researchers, data scientists, and engineers who lend domain expertise to work with you to creatively solve security problems and deliver fantastic user experiences.

What You Will Be Doing:
  • Work as part of the Security Protections team at Elastic with other data engineers, data scientists, and security researchers
  • Develop detailed detection logic in one or more expression languages, delivered asynchronously to Elastic customers; examples include EQL, KQL, and YARA
  • Design and operate data systems that assist with threat discovery and emerging threat detection functions
  • Research and simulate adversaries to develop training data sets, detection logic, and materials used for learning and development
  • Analyze and maintain comprehension about the Elastic detection logic library
  • Actively engaging the security community through blogs, social media accounts, webinars, workshops, meetups, or speaking at conferences
  • Collaborate with security research engineers and data scientists to measure and improve security protections and ML models
What You Bring Along:
  • 4+ years experience in an operational role such as incident response, security analysis, or offensive security
  • 2+ years experience with the Elastic Stack for search and security use-cases
  • Comfortable with Git hygiene, repository maintenance, and project management
  • Proficient programmer in Python, Go, or equivalent experience in a similar language and ability to learn other languages as needed
  • Collaborative attitude with a strong disposition to learn new skills and emerging technologies
  • Self-motivated and able to thrive in a distributed, fast-paced, and autonomous environment
  • Passionate about protecting the world’s data from attack
Desired Experience or Interests:
  • Detailed contemporary knowledge of offensive tools, techniques, and procedures; as well as defensive countermeasures
  • Writing detection logic, e.g. EQL, KQL, YARA, SIGMA
  • Endpoint and/or network information security
  • Data streaming / database tech, e.g. SQL, ElasticSearch, postgres
  • Data analysis, e.g. dGraph, node4j
  • Functional prototyping, e.g. Python
  • Building, measuring, and improving analytic

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

  • Competitive pay based on the work you do here and not your previous salary
  • Health coverage for you and your family in many locations
  • Ability to craft your calendar with flexible locations and schedules for many roles
  • Generous number of vacation days each year
  • Double your charitable giving - We match donations 1:1 up to $1500 USD (or local currency equivalent)
  • Up to 40 hours each year to use toward volunteer projects you love.
  • Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co We will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below:
Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.

Apply     
Learn More About Elastic's Culture

Notify Me of Open Positions

Sign in with your social account to receive emails when Elastic posts open positions you might be interested in:

{{alert.msg}}
Powered By Ongig