Elastic · 3 weeks ago
Senior Offensive Security Engineer – Detection & Adversary Research
Elastic, the Search AI Company, enables everyone to find the answers they need in real time using all their data. They are seeking a Senior Offensive Security Engineer focused on strengthening detections, improving telemetry usage, and building internal capabilities to stay ahead of attackers.
Tags: Analytics, Cloud Computing, Open Source, SaaS, Search Engine, Software
Responsibilities
Partnering with detection engineers and researchers to validate logic, challenge assumptions, and uncover evasions
Running targeted adversarial tests to explore realistic attacker behaviors and improve detection coverage
Creating internal tooling that generates telemetry, mimics attacker techniques, or automates validation workflows
Analyzing exploit behavior, payload mechanics, and attacker tradecraft, occasionally using lightweight reverse engineering when it directly supports detection work
Identifying telemetry gaps or weak signals and collaborating with engineering teams to improve visibility
Contributing to purple-team style initiatives by translating offensive findings into durable, production-ready detections
Sharing research and insights through Elastic Security Labs, blogs, workshops, or community engagements
Keeping up with attacker trends, tools, and evasion techniques to help guide our detection roadmap
Qualifications
Required
Proficiency with scripting languages like Python, PowerShell, or Bash; familiarity with C/C++ for PoCs or bypass tools
Experience researching evasions, testing detection boundaries, or probing SIEM/EDR/cloud detection systems
Understanding exploit behavior, OS internals, telemetry sources, and attacker tradecraft
Knowledge of MITRE ATT&CK and common offensive frameworks, with the ability to adapt tooling when needed
Clear communication when collaborating with defenders such as SOC analysts, detection engineers, or incident responders
A creative and inquisitive approach to security problems—and an interest in helping defenders win!
Preferred
Experience writing or contributing to detections for SIEM, EDR, cloud environments, or related platforms
Understanding of the Elastic Security Solution, Elastic's prebuilt rules, Elastic query languages, or the Elastic Common Schema
Experience developing offensive testing frameworks, telemetry generators, or automated detection QA pipelines
Contributions to open-source security tools, research publications, technical blog posts, or conference talks
Knowledge of RE tools like Ghidra or IDA (useful occasionally, but not a core part of the job)
Benefits
Health coverage for you and your family in many locations
Ability to craft your calendar with flexible locations and schedules for many roles
Generous number of vacation days each year
We match up to $2000 (or local currency equivalent) for financial donations and service
Up to 40 hours each year to use toward volunteer projects you love
Minimum of 16 weeks of parental leave
Company
Elastic
Elastic builds software to make data usable in real time and at scale for search, logging, security, and analytics use cases.
H1B Sponsorship
Elastic has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship (highlighting job fields similar to this job)]
Trends of Total Sponsorships (number of sponsorships per year)
2024 (1)
2022 (2)
2021 (1)
Funding
Current Stage: Public Company
Total Funding: $162M
Key Investors: New Enterprise Associates, Index Ventures, Benchmark
2018-10-04: IPO
2018-05-03: Secondary Market
2016-07-01: Series D · $58M
Company data provided by crunchbase