Elastic is an open source search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co

About the Team:

The Elastic Security Endpoint Protections team researches, designs, and builds visibility and detection capabilities that are integrated into Elastic Defend, our endpoint and SIEM security product. We are looking for a Senior Security Research Engineer to join our team and continue to innovate new features that will help secure our users against the latest emerging threats. You will collaborate with the broader Elastic Security team, which consists of a diverse group of skilled researchers, data scientists, and developers who possess extensive domain expertise in their respective areas. Our geographically dispersed team values positivity and inclusion in the workplace, collaborative learning, and candid communication.

If you are passionate about security research and would enjoy the challenge of devising novel methods for thwarting malicious actors in an ever-evolving threat landscape, we would love to have you join our growing team!

What You Will Be Doing:

Research emerging attacker techniques and develop innovative and effective detection methods.
Integrate additional visibility capabilities into our endpoint.
Enhance preventions and detections over time to ensure we are staying ahead of the curve and improving efficacy.
Develop code in a collaborative environment with peers in multiple countries and timezones.
Monitor customer telemetry for false positives and establish appropriate mitigation strategies.
Be active in the security research community through conference presentations and content published to Elastic Security Labs.
Contribute to open source Elastic projects used by organizations around the world.
Investigate security problems at scale with our global community of users.

What You Will Bring Along:

5+ years of proven experience analyzing, studying, and understanding attacker tactics, techniques, and procedures (TTPs), as well as developing new methods and approaches for detecting advanced security threats using C, C++, and Python.
In-depth reverse engineering and / or malware analysis experience.
Verbose knowledge of Windows internals, core features, and system architecture.
Collaborative mentality with a strong disposition to learn new skills and emerging technologies.
Motivation to succeed in a distributed, fast-paced, and autonomous work environment.
Passion for protecting the world’s data from attack!

Bonus Points:

Significant experience in Windows development.
Enterprise application development experience.
Red teaming Windows networks.
Vulnerability research and exploit development.

Compensation for this role is in the form of base salary. This role does not have a variable compensation component. The typical starting salary range for new hires in this role is listed below.

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.

An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program. Our total rewards package also includes a company-matched Registered Retirement Savings Plan (RRSP) with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.

The typical starting salary range for this role is:

$106,900—$169,200 CAD

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

Competitive pay based on the work you do here and not your previous salary
Health coverage for you and your family in many locations
Ability to craft your calendar with flexible locations and schedules for many roles
Generous number of vacation days each year
Double your charitable giving - We match up to $1500 (or local currency equivalent)
Up to 40 hours each year to use toward volunteer projects you love
Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email candidate_accessibility@elastic.co.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone *

Location (City) *

Resume/CV *

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Will you require Elastic's sponsorship to continue or extend your work authorization status? *

In what countries do you have the unrestricted right to work? *

Please acknowledge that you have reviewed our privacy statement at the bottom of our job posting. For additional details, please see our privacy statement linked below. *

Elastic Privacy Statement

Professional Profile (LinkedIn, Github, Website, etc)

Would you require an export license to access Elastic’s technology? (Individuals who are not U.S. citizens, legal permanent residents of the U.S., or protected individuals under the U.S. Immigration and Naturalization Act (8 U.S.C.1324b(a)(3)) AND who are nationals of Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”) would require an export license to access or discuss Elastic’s proprietary technology that relates to source code that enables encryption functionality. *

Please list your most recent country of citizenship or permanent residency. *

Enter the verification code sent to to confirm you are not a robot, then submit your application.

Security Code *

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.