Social Security Jobs in Atlanta (Elastic) – Security – Senior Security Research Engineer

Website Elastic

Job Description:

Elastic is a search company built on a free and open heritage. Anyone can use Elastic products and solutions to get started quickly and frictionlessly. Elastic offers three solutions for enterprise search, observability, and security, built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe and is publicly traded on the NYSE under the symbol ESTC. Learn more at

The Elastic Security Intelligence and Analytics team is responsible for threat research to develop detection logic for Elastic products, track emerging threats, and engage the security community – sharing knowledge and capabilities. We’re looking for a Security Engineer with experience with cloud containers in public environments; as well as Linux detection and response. You will collaborate with the broader Elastic Security team, a diverse set of security researchers, data scientists, and engineers who lend domain expertise to work with you to creatively solve security problems and deliver fantastic user experiences.


Job Responsibilities:

  • Work as part of the Security Protections team at Elastic with other data engineers, data scientists, and security researchers
  • Develop detailed detection logic in one or more expression languages, delivered asynchronously to Elastic customers; examples include EQL, KQL, and YARA
  • Design and operate data systems that assist with threat discovery and emerging threat detection functions
  • Research and simulate adversaries to develop training data sets, detection logic, and materials used for learning and development
  • Analyze and maintain comprehension about the Elastic detection logic library
  • Actively engaging the security community through blogs, social media accounts, webinars, workshops, meetups, or speaking at conferences
  • Collaborate with security research engineers and data scientists to measure and improve security protections and ML models

Job Requirements:

  • 4+ years experience in an operational role such as incident response, security analysis, or offensive security and at least 1-2 years experience with cloud container workloads
  • 1+ years experience with the Elastic Stack and related components
  • Strong familiarity with MITRE’s ATT&CK Cloud matrix
  • Comfortable with Git hygiene, repository maintenance, and project management
  • Proficient programmer in Python, Go, or equivalent experience in a similar language and ability to learn other languages as needed
  • Collaborative attitude with a strong disposition to learn new skills and emerging technologies
  • Self-motivated and able to thrive in a distributed, fast-paced, and autonomous environment
  • Passionate about protecting the world’s data from attack
  • Cloud-hosted containers/management, e.g. Kubernetes, OpenShift, Docker, Apache Mesos
  • Detailed knowledge of TTPs associated with MITRE Cloud and Container matrices
  • Understanding of common configurations and misconfigurations, capable of describing defensive strategies or mitigations
  • Deploying, using, hardening and developing code using public cloud infrastructure such as AWS, GCP and Azure
  • Linux endpoint and network information security
  • Building, measuring and improving detection logic, e.g. EQL, KQL, YARA, SIGMA
  • Data streaming / database tech, e.g. SQL, ElasticSearch, postgres
  • Data analysis, e.g. dGraph, node4j
  • Functional prototyping, e.g. Python

Job Details:

Company: Elastic

Vacancy Type:  Full Time

Job Location: Atlanta, GA, US

Application Deadline: N/A


Apply Here