At Elastic, we have a simple goal: solve the world's data problems with products that delight and encourage. As the company behind the popular open source projects — Elasticsearch, Kibana, Logstash, and Beats — we help people around the world do great things with data. From stock quotes to Twitter streams, Apache logs to WordPress blogs, our products are reinventing what's possible with data and delivering on the promise that good things come from connecting the dots. The Elastic family unites 1000+ Elasticians across 30+ countries into one closely knit team, while the broader community spans over 100 countries.
We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Senior Incident Response Lead to join our Information Security (InfoSec) team. The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, implementing a holistic security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how to best achieve critical information security objectives.
- Do you thrive in navigating ambiguity, adapt quickly to a changing environment, and take a global view?
- Are you data driven and passionate about optimizing communications, process, and structure?
- Do you balance the big picture with day-to-day operational details to limit the impact of security events through innovative ways, improving the ability to prevent, detect, disrupt, investigate, respond, and recover?
- Are you a strong communicator who is a calm leader in a stressful situation, makes sound decisions with limited information, and embraces challenging the status quo?
This could be your dream job and we'd love to meet you.
What you'll do:
- Define, implement, and lead a global Incident Response Program that maintains a continuous state of readiness and partnerships with key groups inside and outside Elastic
- Prepare to effectively handle security events, respond to incidents, develop response plans and playbooks, train key partners, automate wherever possible, and conduct exercises (including simulation) to test response plans
- Develop and apply incident handling processes, including preparation, identification, containment, eradication, and recovery, in a forensically sound manner
- Set standards for the documentation of activities during an event, creation of security event reports, and for conducting post-event reviews
- Partner in the development of innovative approaches to detect, respond to, and eradicate advanced threats and improve overall time to respond
- Figure out the root cause of events and collaborate with teams to remediate any identified control gaps or failures
- Mentor team members across the company, junior and senior, in modern incident response practices
- Communicate at all levels of the company, including Executive level
What you've done:
- 5 years specializing in incident response, leading communication and coordination of security containment and response activities
- Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations
- Demonstrated ability to innovatively solve critical security problems
- Think strategically and tailor appropriate messages to different levels throughout the organization
- Extraordinary verbal and written communication skills, tailoring the context of the conversation to the audience in crisis situations
- Make decisions in a crisis with limited or incomplete information
- Have a working knowledge of NIST 800-53, ISO 27001/27002, PCI DSS, Sarbanes-Oxley, and SOC standards
- Experience with using the Elastic stack a plus
- Response related certification, such as GCIH, a plus
- BS/BA degree (MBA or Masters is a plus)
- Be great
We're looking to hire team members invested in realizing the goal of making real-time data exploration easy and available to anyone. As a distributed company, we believe that diversity drives our vibe. Elastic is the type of company where you can balance great work with great life.
- Competitive pay based on the work you do here and not your previous salary
- Global minimum of 16 weeks of paid in full parental leave (moms & dads)
- Generous vacation time and one week of volunteer time off
- Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do.
Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.