Security Solutions - Sr. Software Engineer - Elastic Common Schema


Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at

The Elastic Common Schema (ECS) is an open source specification, developed with support from the Elastic user community. ECS defines a common set of fields to be used when storing event data in Elasticsearch, such as logs and metrics.

As Senior Engineer on the ECS team, you will be part of a team managing high quality field mappings for various use cases such as security and observability. As part of the ECS team, you’ll be deeply involved in working with the community, enriching ECS with new mappings as part of regular release cadence. Being part of the ECS team also means working closely with Stack, Security, Observability, and Enterprise Search teams to promote and facilitate their contributions to ECS. Working on ECS requires being creative in building a future-proof schema. The team is diverse and distributed across the world, and collaborates on a daily basis over GitHub, Zoom, and Slack.

What You Will Be Doing:

  • Join the ECS team alongside other team members, working on enriching the common field mapping schema.
  • Research and add new field mappings into the schema as part of a regular release.
  • As part of the release, work closely with other teams in Elastic to fit various use cases into ECS.
  • Find creative ways of promoting and converting the data into Elastic Common Schema.
  • Continuously work with the community to understand their needs and incorporate suggestions.
  • Help build and improve various tools that help users adopt ECS and unlock its potential.
  • Working closely with the documentation team at every step to improve the overall user experience.

What You Will Bring Along:

  • Development experience with Python, Ruby, or TypeScript/JavaScript
  • A good understanding of the Elastic Stack
  • Experience exploring data with Kibana
  • Understanding of Elasticsearch mapping types
  • Experience with parsing logs and events (ideally in the context of security or observability)
  • Experience in correlating events from multiple sources, or threat hunting
  • Expertise of the english language; especially in its written form.
  • Ability to work independently in a globally distributed team.
  • Nice to have: Experience working on an endeavour that requires future-proofing. E.g. another common data schema, API design, developing a parts-numbering system, etc.

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

  • Competitive pay based on the work you do here and not your previous salary
  • Health coverage for you and your family in many locations
  • Ability to craft your calendar with flexible locations and schedules for many roles
  • Generous number of vacation days each year
  • Double your charitable giving - We match up to $1500 (or local currency equivalent)
  • Up to 40 hours each year to use toward volunteer projects you love
  • Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email

Please see here for our Privacy Statement.

Learn about Elastic's Culture

Notify Me of Open Positions

Sign in with your social account to receive emails when Elastic posts open positions you might be interested in:

Powered By Ongig