Security - Senior Security Research Engineer - Malware Signatures

Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.

The Elastic Security Intelligence and Analytics team is responsible for ongoing threat research used to develop detection logic for Elastic products, track emerging threats, and engage the security community - sharing knowledge and capabilities. We’re looking for a Security Engineer with experience as a malware analyst or reverse engineer, someone who is comfortable analyzing malware developed for Windows, Linux and MacOS systems and has experience producing outputs such as YARA signatures, technical reports and similar work-products. You will collaborate with the broader Elastic Security team, a diverse set of security researchers, data scientists, and engineers who lend domain expertise to work with you to creatively solve security problems and deliver fantastic user experiences. 

What you will be doing: 

• Work as part of the Security Protections team at Elastic with other data engineers, data scientists and security researchers
• Develop YARA signatures and other forms of logic, delivered asynchronously to Elastic customers
• Design and operate data systems that assist with threat discovery and emerging threat detection
• Perform binary triage and malware analysis in support of threat research objectives
• Simulate malware functionality to reconstruct network traffic, identify traffic patterns, discover behavioral, structural or other anomalies and develop decoders or related tools
• Actively engage the security community through blogs, social media accounts, webinars, workshops, meetups, speaking at conferences and other Elastic channels
• Collaborate with security research engineers and data scientists to measure and improve feature efficacy

What you bring along:

• 4+ years of experience with malware analysis in an operational role such as in support of incident response, or a threat research role such as development for a security product

• Strong Git hygiene, repository maintenance and project management background
• Strong development experience in C, C++, Java, Go or equivalent in a similar language and ability to learn other languages as needed
• Collaborative attitude with a strong disposition to learn new skills and emerging technologies
• Self-motivated and able to thrive in a distributed, fast-paced and autonomous environment
• Passionate about protecting the world’s data from attack

Bonus points: 

• As advocates of free and open software, exceptional candidates will be contributors to open source or community projects

• Contributors to projects like Ghidra, Sharpsploit, FactionC2 or similar projects would be phenomenal

• With the future in mind, we think an exceptional candidate will have experience in consulting or support of professional services - applicants from Mandiant (FireEye/FLARE), SentinelOne, CrowdStrike, PaloAlto (Unit42), Red Canary, and SpecterOps would be great examples - either incident response or intelligence analysis

• Probably shouldn’t expect many applicants for this role to be familiar with our solutions, so if we see any who happen to know Elastic products that might be a bonus

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Double your charitable giving - We match up to $1500 (or local currency equivalent)
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email candidate_accessibility@elastic.co.

Please see here for our Privacy Statement.