Senior Security Research Developer

Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI.

The Elastic Security Endpoint Protections team researches, designs, and builds visibility and detection capabilities that are integrated into Elastic Defend, our endpoint and SIEM security solution. We are looking for a Senior Security Research Engineer to join our team and help us build new, innovative features to help secure our users against the latest emerging threats. You will collaborate with the broader Elastic Security team, which consists of a diverse group of skilled researchers, data scientists, and engineers who possess extensive domain expertise in their respective areas. Our geographically dispersed team values positivity and inclusivity in the workplace, clear communication, collaborative learning, and guided mentorship.

If you have a passion for security research and would enjoy the challenge of devising novel methods for thwarting malicious actors in an ever-evolving threat landscape, join our growing team!

• Research emerging attacker techniques and develop innovative, effective, and resilient detection features.
• Integrate extended eventing and visibility capabilities into our endpoint codebase.
• Improve efficacy of our detection features by rapidly responding to emerging threats.
• Implement endpoint code in collaboration with peers in multiple countries and time zones.
• Review telemetry data and establish mitigation strategies to limit potential false positives and performance impact.
• Contribute to open source Elastic projects used by organizations around the world.
• Investigate security threats at scale with our global community of users.

• 5+ years of professional experience analyzing attacker tactics, techniques, and procedures (TTPs) and developing detection methods for security threats
• Strong development experience primarily in C, C++, and Python.
• In-depth reverse engineering and malware analysis experience.
• Verbose knowledge of Windows internals, core features, and system architecture.
• Collaborative mentality with a strong disposition to learn new skills and technologies.
• Motivation to succeed in a distributed, fast-paced, and autonomous work environment.

• Red teaming Windows networks.
• Vulnerability research and exploit development.

Compensation for this role is in the form of base salary. This role does not have a variable compensation component. The typical starting salary range for new hires in this role is listed below.

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.

An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program. Our total rewards package also includes a company-matched Registered Retirement Savings Plan (RRSP) with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.

The typical starting salary range for this role is:

$128,300 - $203,000 CAD

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co We will reply to your request within 24 business hours of submission.

Elasticsearch develops and distributes encryption software and technology that is subject to U.S. export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic.

Please seehere for our Privacy Statement.

*

indicates a required field

First Name *

Last Name *

Preferred First Name

Email *

Phone

Location (City) *

Resume/CV *

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Education

School Select...

Degree Select...

Select...

Professional Profile (LinkedIn, Github, Website, etc)

Will you require Elastic's sponsorship to continue or extend your work authorization status? * Select...

In what countries do you have the unrestricted right to work? *

Please list your most recent country of citizenship or permanent residency. *

Would you require an export license to access Elastic’s technology? (Individuals who are not U.S. citizens, legal permanent residents of the U.S., or protected individuals under the U.S. Immigration and Naturalization Act (8 U.S.C.1324b(a)(3)) AND who are nationals of Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”) would require an export license to access or discuss Elastic’s proprietary technology that relates to source code that enables encryption functionality. * Select...

Gender Pronouns (She/Her/Hers, He/Him/His, They/Them/Theirs, etc.)

Please acknowledge that you have reviewed our privacy statement at the bottom of our job posting. For additional details, please see our privacy statement linked below. * Select...