Elastic Security - Senior Research Engineer in Calgary, Canada
Elastic is a search company built on a free and open heritage. Anyone can use Elastic products and solutions to get started quickly and frictionlessly. Elastic offers three solutions for enterprise search, observability, and security, built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe and is publicly traded on the NYSE under the symbol ESTC. Learn more at elastic.co .
The Elastic Security Intelligence and Analytics team is responsible for threat research to develop detection logic for Elastic products, track emerging threats, and engage the security community - sharing knowledge and capabilities. We’re looking for a Security Engineer with an operational background who wants to make offensive techniques expensive, develop tools and infrastructure with Elastic technologies to discover and block threats for our users. You will collaborate with the broader Elastic Security team, a diverse set of security researchers, data scientists, and engineers who lend domain expertise to work with you to creatively solve security problems and deliver fantastic user experiences.
What You Will Be Doing:
Work as part of the Security Protections team at Elastic with other data engineers, data scientists, and security researchers
Develop detailed detection logic in one or more expression languages, delivered asynchronously to Elastic customers; examples include EQL, KQL, and YARA
Design and operate data systems that assist with threat discovery and emerging threat detection functions
Research and simulate adversaries to develop training data sets, detection logic, and materials used for learning and development
Analyze and maintain comprehension about the Elastic detection logic library
Actively engaging the security community through blogs, social media accounts, webinars, workshops, meetups, or speaking at conferences
Collaborate with security research engineers and data scientists to measure and improve security protections and ML models
What You Bring Along:
4+ years experience in an operational role such as incident response, security analysis, or offensive security
2+ years experience with the Elastic Stack for search and security use-cases
Comfortable with Git hygiene, repository maintenance, and project management
Proficient programmer in Python, Go, or equivalent experience in a similar language and ability to learn other languages as needed
Collaborative attitude with a strong disposition to learn new skills and emerging technologies
Self-motivated and able to thrive in a distributed, fast-paced, and autonomous environment
Passionate about protecting the world’s data from attack
Desired Experience or Interests:
Detailed contemporary knowledge of offensive tools, techniques, and procedures; as well as defensive countermeasures
Writing detection logic, e.g. EQL, KQL, YARA, SIGMA
Endpoint and/or network information security
Data streaming / database tech, e.g. SQL, ElasticSearch, postgres
Data analysis, e.g. dGraph, node4j
Functional prototyping, e.g. Python
Building, measuring, and improving analytic
Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email email@example.com .
Please see here (https://www.elastic.co/legal/applicant-privacy-statement) for our Privacy Statement.
Additional Information - We Take Care of Our People
As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.
We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.
Competitive pay based on the work you do here and not your previous salary
Health coverage for you and your family in many locations
Ability to craft your calendar with flexible locations and schedules for many roles
Generous number of vacation days each year
Double your charitable giving - We match up to $1500 (or local currency equivalent)
Up to 40 hours each year to use toward volunteer projects you love
Embracing parenthood with minimum of 16 weeks of parental leave
Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please complete our Candidate Accessibility Request Form (https://docs.google.com/forms/d/e/1FAIpQLSfiV7br5dGLslC__KPuDNBii1x6cQnlm59L8b4293O2eFxbMA/viewform) .