Elasticsearch - Software Engineer II - Security, Authentication, JVM

Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI.

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data for lightning fast search, fine-tuned relevancy, and powerful analytics that scale with ease. The Elasticsearch Security team is responsible for a range of security features, including Identity and Access management, Auditing, TLS and Certificate Management, and Cryptography. We’re the team that builds the sorts of things that show up under a “Security” heading on a product feature list. Here’s exactly that list for the Elastic Stack. This role will provide opportunities to learn more about each of these areas of security, and to influence how these features are used within Elastic's Cloud, and our Enterprise Search, Observability, and Security solutions. As Elasticsearch and the Solutions built upon it continue to grow rapidly, our roadmap is packed full of exciting projects. Here is a sample of recent and current projects you could be making an impact on:

Operator Privileges.  Implementing API based security controls for Cloud that distinguish between "operators" (Cloud) and "administrators" (customers). We want to protect our users from unintentionally causing themselves harm by limiting access to certain APIs intended only for operators.

Encrypted Snapshots. Snapshots are how you perform backups in Elasticsearch. We’re adding in-product encryption support to Elasticsearch snapshot & restore.

Security on by default.  The "Security on by Default" project aims to enable Stack security features are ON for every installation of our software to ensure users and their data are protected from unauthorized access. This is a very high impact and visible project that the team is focussed on right now.

What You Will Be Doing:

• Working in a hands-on capacity on a successful, high profile Java project used throughout the world for multiple use cases
• Applying your experience in software development to design and build new security features in Elasticsearch, that strike a balance between usability, performance and security trade-offs,
• Evolving the existing authentication and authorization features of Elasticsearch and the Elastic Stack.
• Working with other teams across Elastic to build and expand the foundation of security for Elastic's products.
• Prototyping new ideas and experimenting openly.
• Collaborating in the open with the Elasticsearch team, Elastic Stack users, and others supporting open source projects.
• Working with the community on bugs and performance issues and assisting support engineers with tougher customer issues.

What You Bring Along:

• Experience in software engineering, preferably with a focus on server side Java development.
• You are proficient in Java, conversant in the standard library of data structures and concurrency constructs.
• Strong algorithm implementation and optimization skills.
• An interest in the security area.
• Experience of independently designing and implementing new features.

Bonus Points

• Experience with the Scala programming language, particular with respect to security and network use cases
• Experience in any of the following:
• Authentication protocols such as SAML, OpenID Connect or LDAP
• TLS and X.509 certificate management
• Cryptography, including hashing and encryption.
• Awareness of application security fundamentals, and an ability to think through security risks and trade-offs.
• Experience designing, leading and owning cross-functional initiatives.
• You've worked in open source before and are familiar with different styles of source control workflow and continuous integration.
• You've built things with Elasticsearch before, and understand how distributed systems operate and the limitations and advantages.

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co We will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)

Elasticsearch develops and distributes encryption software and technology that is subject to U.S. export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic.

Please see here for our Privacy Statement.