Information Security - Senior Assurance Analyst

Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.

We’re always on the search for amazing people. People who have deep passion for what they do and are masters at their craft. Right now we are looking for a Security Assurance Analyst to join our Information Security (InfoSec) team.

The InfoSec team leads the strategy, policy, and programs for information security company-wide. The team’s responsibilities include risk management, implementing a holistic security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and managing incident response. All of this in an intentionally distributed company that was built in the Cloud and encourages thinking differently about how we achieve security objectives.

You will thrive in navigating ambiguity, adapt quickly to a changing environment, take a global view, be data driven and have a passion for optimizing process and structure. You balance in-depth individual solution design with the broader control environment, articulating how all the components are connected and working together to manage risk. We’re looking for people with strong influencing and customer service skills who are effective partnering with multiple teams and building strong relationships.

To be successful in this role, you will:

• Dive deep and develop an understanding of the technical environment, business processes and Elastic culture, providing the basis for a trusted and high quality security consulting service for all Elasticians.
• Provide broad domain and technical knowledge, partnering with engineering teams to secure a modern cloud environment built on AWS, GCP, and Azure.
• Influence strategic direction, drive knowledge management, coordinate improvement efforts, and turn ideas into action.
• Educate and advocate. Share tools, guidance and repeatable methodologies that are embraced across Elastic, keeping user and developer experience central to our thinking.
• Evaluate, and continuously improve the organization’s control environment by being a trusted advisor, facilitator, and creative problem solver in partnership with other teams across Elastic.
• Be an integral part of a highly technical team with high expectations on their ability to deliver quality work.

And have these qualifications:

• Experience executing security programs in a dynamic, global, cloud-based enterprise environment.
• Proven track record applying technical and administrative information security controls across broad technology and business process domains.
• Demonstrated ability to innovate and think creatively about achieving security objectives.
• Experience with automation in a cloud-native security context such as Continuous Control Monitoring, SRE, DevSecOps, Infrastructure-as-Code, Compliance-as-Code.
• Have a clear understanding of cloud computing services/deployment architecture
• Knowledge of some of NIST 800-53, ISO 27001/27002, PCI DSS, Sarbanes-Oxley, and SOC standards a plus
• Experience with using the Elastic stack is a plus

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Double your charitable giving - We match up to $1500 (or local currency equivalent)
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email candidate_accessibility@elastic.co.

Please see here for our Privacy Statement.