Elasticsearch - Software Engineer II - Security, Authentication, JVM

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data for lightning fast search, fine-tuned relevancy, and powerful analytics that scale with ease. The Elasticsearch Security team is responsible for a range of security features, including Identity and Access management, Auditing, TLS and Certificate Management, and Cryptography. We’re the team that builds the sorts of things that show up under a “Security” heading on a product feature list. Here’s exactly that list for the Elastic Stack. This role will provide opportunities to learn more about each of these areas of security, and to influence how these features are used within Elastic's Cloud, and our Enterprise Search, Observability, and Security solutions. As Elasticsearch and the Solutions built upon it continue to grow rapidly, our roadmap is packed full of exciting projects. Here is a sample of recent and current projects you could be making an impact on:

Operator Privileges.  Implementing API based security controls for Cloud that distinguish between "operators" (Cloud) and "administrators" (customers). We want to protect our users from unintentionally causing themselves harm by limiting access to certain APIs intended only for operators.

Encrypted Snapshots. Snapshots are how you perform backups in Elasticsearch. We’re adding in-product encryption support to Elasticsearch snapshot & restore.

Security on by default.  The "Security on by Default" project aims to enable Stack security features are ON for every installation of our software to ensure users and their data are protected from unauthorized access. This is a very high impact and visible project that the team is focussed on right now.

What You Will Be Doing:

• Working in a hands-on capacity on a successful, high profile Java project used throughout the world for multiple use cases
• Applying your experience in software development to design and build new security features in Elasticsearch, that strike a balance between usability, performance and security trade-offs,
• Evolving the existing authentication and authorization features of Elasticsearch and the Elastic Stack.
• Working with other teams across Elastic to build and expand the foundation of security for Elastic's products.
• Prototyping new ideas and experimenting openly.
• Collaborating in the open with the Elasticsearch team, Elastic Stack users, and others supporting open source projects.
• Working with the community on bugs and performance issues and assisting support engineers with tougher customer issues.

What You Bring Along:

• Experience in software engineering, preferably with a focus on server side Java development.
• You are proficient in Java, conversant in the standard library of data structures and concurrency constructs.
• Strong algorithm implementation and optimization skills.
• An interest in the security area.
• Experience of independently designing and implementing new features.

Bonus Points

• Experience with the Scala programming language, particular with respect to security and network use cases
• Experience in any of the following:
• Authentication protocols such as SAML, OpenID Connect or LDAP
• TLS and X.509 certificate management
• Cryptography, including hashing and encryption.
• Awareness of application security fundamentals, and an ability to think through security risks and trade-offs.
• Experience designing, leading and owning cross-functional initiatives.
• You've worked in open source before and are familiar with different styles of source control workflow and continuous integration.
• You've built things with Elasticsearch before, and understand how distributed systems operate and the limitations and advantages.