InfoSec - Product Security - Senior Program Manager

Full Time
9 months ago

Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.

We’re always on the search for outstanding people who have a real passion for what they do and are masters at their craft! We are looking for a Program Manager - Product Security to help drive the growth and maturity of Elastic's Secure Software Development Program. In a globally distributed company, we think differently about how to best achieve critical security objectives.

Are you passionate about leading through uncertainty, driving a portfolio of technical security projects and strategic business improvements in a distributed environment? Then we should have a conversation!

What You Will Be Doing:

The Product Security team is accountable for the security of all Elastic products and secure development at Elastic. We ensure customer trust and enable Elastic engineers to integrate security into the fabric of our product development.

  • Own the delivery of key programs and projects to deliver business value. Identify constraints, risks, and dependencies in all phases of the lifecycle to manage project schedules, resources, and budgets.
  • Effectively communicate to partners and senior leadership on progress and drive decisions to address program and project challenges.
  • Partner and work directly with Elastic R&D, IT, Support, and other lines-of-business to mature our application security program and ensure the efficiency of critical business processes.
What You Bring Along:
  • Outstanding spoken and written communication skills in an asynchronous distributed environment.
  • A reputation for effectively running multiple technical projects concurrently and keeping leadership proactively informed about progress and risks
  • A foundational understanding of secure product development objectives and practices, for example: Critical Vulnerability Response & Disclosure, Application Security Testing (pen-testing), Secure Code Review, Supply Chain Risk Mitigation, Vulnerability Management
Bonus points:
  • Experience with Elastic products
  • Knowledge of software development platforms, technologies, and methods

Compensation for this role is in the form of base salary.  This role does not have a variable compensation component.  

The typical starting salary range for new hires in this role is listed below.  In select locations (including Seattle WA, Los Angeles CA, the San Francisco Bay Area CA, and the New York City Metro Area), an alternate range may apply as specified below. 

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting.  We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.  

An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Additionally, this role is still eligible to participate in Elastic’s equity plan, 401k plan, and a range of other benefits offered with a holistic emphasis on employee well-being.  If you need additional details on our benefits, please review the US Benefits page on Wiki.The typical salary range for this role is:$126,800—$174,000 USDThe typical salary range for this role in the select locations listed above is:$152,200—$240,800 USDAdditional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

  • Competitive pay based on the work you do here and not your previous salary
  • Health coverage for you and your family in many locations
  • Ability to craft your calendar with flexible locations and schedules for many roles
  • Generous number of vacation days each year
  • Double your charitable giving - We match up to $1500 (or local currency equivalent)
  • Up to 40 hours each year to use toward volunteer projects you love
  • Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co We will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)

Please see here for our Privacy Statement.