Cloud Security Engineer

Elastic · Apr 4th 2018

Apply on StackOverflow Careers

At Elastic, we have a simple goal: to solve the world's data problems with products that delight and inspire. As the company behind the popular open source projects — Elasticsearch, Kibana, Logstash, and Beats — we help people around the world do great things with their data. From stock quotes to real time Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. The Elastic family unites employees across 30+ countries into one team, while the broader community spans across over 100 countries.

Thanks to our ongoing expansion we have the opportunity to grow our Cloud Security Operations team. We're part of the Elastic Cloud team with a development, operations and security background who aren’t afraid to get our hands dirty.

We’re looking for people who are just as passionate about solving issues with distributed systems as they are to automate, code and collaborate to tackle problems with a proven focus on Security. You will be assisting the development and implementation of security controls to mitigate risks and threats but also participating in daily security operational tasks.

Responsibilities

  • Build and improve security focused tooling for the Elastic Cloud product and infrastructure

  • Architect and maintain a SIEM infrastructure

  • Be a part of a Security Incident Response Team

  • Work closely with the SRE and Development team as well as third party auditors to ensure a smooth road to security compliance and alignment to regulations (SOC2, GDPR etc)

  • Demonstrate and promote Security best practices

Experience (in 2+ areas)

  • You performed automated and manual testing against a large codebase. You identify and exploit an SQL injection vulnerability without using sqlmap.

  • Kali Linux for PenTest, Burp or OWASP for security testing.

  • Ability to exploit XSS in something more meaningful than a PoC alert?

  • Deploy perimeter scanners against a large network, with knowledge of Snort, Nessus and Bro.

  • Linux Systems / Containers Security: Hardened a VM with SELinux / AppArmor, tweaked cgroups, created Seccomp profiles.

  • Profile an application to get the minimum syscall / kernel capabilities gamut required for it to run.

  • Experience with SOC2, PCI, and HIPAA.

  • Experience working in a Security Operations Center.

  • Consistently dealing with security incidents that required quick mitigation and extensive root cause analysis.

  • Authentication and Authorization protocols such as OIDC, OAuth and SAML. Deployed large scale LDAP / Kerberos?

  • Familiar with security principles for Software Engineering. Can you help developers build security in throughout the Software Development Process?

Key Skills

  • Desire to represent work in git, driven by a GitHub workflow through issues and pull requests and rigorous code reviews

  • Love open source development, and have contributed to some project somewhere (doesn't have to be ours), whether it's mailing lists, patches, documentation, etc.

  • Enjoy working remotely and the communication it requires

  • Love a diverse environment,

  • Working with men and women all over the world

Additional Information

  • Competitive pay and benefits

  • Stock options

  • Catered lunches, snacks, and beverages in most offices

  • An environment in which you can balance great work with a great life

  • Passionate people building great products

  • Employees with a wide variety of interests

  • Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do.

  • Fully remote, with optional coworking from an Elastic office (Mountain View, Amsterdam, Phoenix, etc.) or in your town

  • Lots of opportunities for conference travel, being in the community is encouraged, not just tolerated

Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.

Apply on StackOverflow Careers