Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI.

What is The Role:

As the Sr. Manager, Threat Detection at Elastic you are helping Elastic deliver safe and secure products and services to our customers, users, and fellow Elasticians. You’ll partner with teams company-wide to learn about Elastic’s threat landscape and adapt our monitoring as a result. You will be responsible for assessing and improving Elastic’s threat defense coverage and processes for the entire organization, developing and tuning detections across a wide variety of sources that include multiple cloud providers, CI/CD environments, SaaS services, user workstations, and more. You’ll also help support incident response activities by providing expertise in log analysis during security events. You’ll have access to all the tools in the Elastic Stack and to the folks who build the Elastic Stack to provide feedback and suggestions to make the Elastic Stack better for everyone. If doing all of this with the Elastic Stack excites you, then we’d love to meet you!

What You Will Be Doing:

Review existing detection lifecycle and develop plans for continuous improvement
Partner with the Distributed Security Response Team (DSRT) to review and enhance alerting and alert strategy on a regular basis
Enhance dynamic / risk-based detection strategy, identifying opportunities for and creating UEBA and machine learning based detections
Identify areas for workflow automation, context enrichment, and other enhancements to the alerting workflow leveraging our SOAR platform or Elastic Stack native capabilities
Partner with the product team on new features, bug fixes, and detection ideas to transfer ideas into features
Evolve and grow our existing threat detection practice by working with our threat detection engineering team and our partners developing threat detection resources for our customers and community
Share with our community how we leverage the Elastic Stack to keep Elastic safe through blog posts, webinars, meetups, and other opportunities
Mentor and coach team members to help them unlock the best version of themselves

What You Will Bring:

At least 8 years of experience designing, implementing, and performing monitoring and detection in a complex, global environment
Demonstrated ability to think innovatively about solving critical security problems
Curiosity for research and uncovering the unknown about cyber behavior
Experience leading a team of detection engineers or related professionals
Experience with machine learning is a plus

Compensation for this role is in the form of base salary. This role does not have a variable compensation component.

The typical starting salary range for new hires in this role is listed below. In select locations (including Seattle WA, Los Angeles CA, the San Francisco Bay Area CA, and the New York City Metro Area), an alternate range may apply as specified below.

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.

An employee’s position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic’s stock program. Our total rewards package also includes a company-matched 401k with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.

The typical starting salary range for this role is:

$159,800—$252,800 USD

The typical starting salary range for this role in the select locations listed above is:

$191,900—$303,500 USD

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

Competitive pay based on the work you do here and not your previous salary
Health coverage for you and your family in many locations
Ability to craft your calendar with flexible locations and schedules for many roles
Generous number of vacation days each year
Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service
Up to 40 hours each year to use toward volunteer projects you love
Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email [email protected] We will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)

Elasticsearch develops and distributes encryption software and technology that is subject to U.S. export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic.

Please see here for our Privacy Statement.

Infosec – Senior Manager

Threat Detection

Elastic

Compensation Overview

What is The Role:

What You Will Be Doing:

What You Will Bring:

Additional Information - We Take Care of Our People

6 month growth

1 year growth

2 year growth

Simplify's Take

What believers are saying

What critics are saying

What makes Elastic unique

Benefits