At Elastic, we have a simple goal: to solve the world's data problems with products that delight and inspire. As the company behind the popular open source projects — Elasticsearch, Kibana, Logstash, and Beats — we help people around the world do great things with their data. From stock quotes to Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. Diversity drives our vibe. We unite employees across 30+ countries into one coherent team, while the broader community spans over 100 countries.

More about SIEM

The Elastic SIEM team is building a new solution that will become the center of the Elastic security analytics offerings. The Elastic stack is already very popular among the security analyst community, and the SIEM team has the opportunity to significantly improve the user experience and workflows of security analysts. Challenges include collecting all the relevant data, aggregating and visualising it, detecting and alerting on suspicious events, as well as supporting the investigation phase.

The SIEM team is diverse and distributed. You will be working remotely with people from Germany, Spain, the United States, the United Kingdom, and more. We meet via Zoom, brainstorm in Google Docs, discuss in open GitHub issues, and chat on Slack.

Your future responsibilities:

Write and maintain high-quality Golang code.

Expand the Beats open source projects (especially Filebeat, Auditbeat, Packetbeat, Winlogbeat) to collect security-relevant data.

Create Beats modules to integrate with different cloud technologies and network devices (e.g. collect firewall flows). This includes defining Elasticsearch processing pipelines and Kibana dashboards.

Work with our support team to help customers and answer community questions.

Required skills: