Product Security Engineer

Elastic is an open source search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co

The Threat Research and Detection Engineering (TRaDE) team is responsible for threat research to develop detection logic for Elastic products, mitigating emerging threats, and collaborating with the community - democratizing the space by sharing knowledge and capabilities. 

We’re looking for a Security Engineer with experience building and supporting detection engineering at scale and infrastructure used to distribute capabilities across multiple features. You will collaborate with the broader Elastic Security team, who help you to creatively take on security problems and deliver fantastic user experiences.

What you’ll be doing:

• Work as part of the Security Intelligence team at Elastic with other data engineers, ML engineers, detection engineers, and security researchers
• Extend and maintain systems used to automatically deliver updates to Elastic security artifacts
• Validate detailed detection logic in one or more expression languages, test, and release to Elastic customers
• Craft and operate data systems that assist with telemetry analysis and detection logic efficacy
• Research and simulate adversaries to develop validation data sets and materials used for test and evaluation
• Analyze and maintain comprehension about Elastic detection logic libraries and features
• Effectively engaging the security community through Elastic Security Labs, Elastic’s blog, social media accounts, webinars, workshops, meetups, or speaking at conferences
• Collaborate with security research engineers and software engineers to measure and improve security protections

What you bring along:

• A strong desire and ability to design and implement capabilities based on sound software engineering principles.
• Demonstrated experience in building and shipping production-ready enterprise software.
• Advanced proficiency in Python for automation, schema validation, continuous integration, and deployment.
• Knowledge of HTTP and proficiency in working with RESTful web applications and APIs.
• Strong competencies in data structures, software design, and version control using tools like git for repository management.
• Experience with microservices architecture and containerization technologies.
• Proficient in CI/CD tools and processes (e.g., Jenkins, GitLab CI, CircleCI, Buildkite, GitHub) and testing methodologies, including unit, integration, and regression tests.
• Experience in release management, including version control, release planning, and deployment strategies.
• Strong problem-solving abilities to address complex development and deployment challenges.
• Experience with agile development practices and methodologies.
• Knowledge of DevOps principles and practices, including infrastructure as code, automation, and configuration management.
• Excellent communication and documentation skills for effective collaboration in a team environment and with cross-functional teams.
• Eagerness to learn new skills and adapt to emerging technologies, with a collaborative and inquisitive demeanor.
• Experience in conducting code reviews and maintaining high standards in code quality and best practices.

Bonus point desired experiences and interests:

• Familiarity with MITRE ATT&CK tactics, techniques, and the attack lifecycle
• Experience in security research or engineering
• Understanding of context-free grammars and domain specific languages
• Proficient with Golang
• Hands-on experiences with the Elastic Security Solution, query languages, prebuilt protections, and related features
• Familiarity with the twelve-factor methodology

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Double your charitable giving - We match up to $1500 (or local currency equivalent)
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email candidate_accessibility@elastic.co.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.