Endpoint Protections – Security Research Engineer

Website Elastic

The Elastic Endpoint Protections team researches, designs, builds, and monitors security detections and preventions in the Elastic’s Endpoint product.  We are looking for a Security Research Engineer to research and implement new features that will prevent attackers from compromising and persisting in a user’s environment.  You will collaborate with the broader Elastic Security Protections team, a diverse set of security researchers, data scientists, and engineers who lend domain expertise to work with you to solve creative security problems and deliver fantastic user experiences.   You will also have the opportunity to contribute directly to Elastic Endpoint product code in collaboration with the dedicated Endpoint development team in the creation and improvement of new security features that are deployed to the end users.

What You Will Be Doing:

  • Work as part of the Security Protections team at Elastic with other software engineers, data scientists, and security researchers
  • Research and build new endpoint protections by studying state of the art attacker techniques and designing new ways to detect them
  • Present research at security conferences and contribute back to the security industry
  • Write code in a collaborative environment with peers in multiple countries and timezones
  • Contribute to free and open source Elastic projects used by organizations around the world, solving security problems at scale with our global community of users

What You Bring Along:

  • 2+ years experience writing robust, production code. We use multiple programming languages (primarily C/C++ and Python), so we’re looking for people with some experience in these areas and the ability and interest to learn new languages and technologies.
  • 3+ years experience analyzing, studying, and understanding attacker tactics, techniques, and procedures (TTPs), as well as developing new methods and approaches for detecting advanced security threats.
  • Collaborative attitude with a strong disposition to learn new skills and emerging technologies
  • Self-motivated and able to thrive in a distributed, fast-paced, and autonomous environment
  • Passionate about protecting the world’s data from attack

Bonus Points and Preferred Qualifications:

  • Low level C/C++ development, including kernel experience and familiarity with common code injection / process hooking techniques
  • Working knowledge of Windows internals and Windows development experience
  • Reverse engineering and malware analysis
  • Vulnerability research and exploitation

To apply for this job please visit jobs.elastic.co.