Senior Security Risk and Compliance Analyst

Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI.

We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Senior Information Security Analyst to join our team in Information Security (InfoSec). The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include compliance risk management, implementing a comprehensive security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how we best achieve critical information security objectives.

• Are you passionate about helping an organization maintain and communicate a strong security posture?
• Do you want to be in an InfoSec role that directly supports the overall success of the team and the company?
  
  

This could be your dream job, and we'd love to meet you!

What you will be doing:

• Supporting and maturing Elastic’s governance and compliance program to deliver customer trust at scale
• Leading audit and certification processes and ensuring compliance with requirements for cloud services
• Striving for a modern governance and audit experience, powered by data, automation and metrics
• Building a governance approach that is creative, relevant, practical, and aligned with how Elastic operates as an organization
  
  

What you bring along:

• Experience leading compliance audits and certification processes in a cloud native company, working with some or all of SOC2, ISO 27001, PCI, FedRAMP, UK CE+, and TISAX
• A high degree of autonomy, combining the ability to prioritize and coordinate with a strong attention to detail
• Experience working with cross functional teams and interpreting sophisticated compliance requirements into understandable language
• Bonus points if you have the experience above in a growing SaaS company!
  
  

Additional Information - We Take Care Of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave
  
  

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email [email protected] We will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)

Elasticsearch develops and distributes encryption software and technology that is subject to U.S. export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic.

Please see here for our Privacy Statement.