Software Engineer II - Node - Security - Admin Experience - AppEx
2 days ago
Madrid
Overview Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI. What is The Role: We are looking for a security-focused Engineer to strengthen Kibana's security posture and build robust platform security features. In this role, you'll be responsible for hardening Kibana against evolving threats, managing security vulnerabilities, and ensuring our application meets the highest security standards for enterprise and government customers. You'll also leverage AI to build innovative security tools that enhance our vulnerability detection, automate security workflows, and accelerate threat response. If you're passionate about web application security and want to make a direct impact on protecting critical infrastructure while pushing the boundaries of AI-powered security, this is the role for you. What You Will Be Doing: Lead security hardening efforts across Kibana's codebase and infrastructure, including content security policy implementation and enforcement Build AI-powered tools and workflows to enhance security operations, including automated vulnerability detection, intelligent security alert triage, and predictive threat analysis Manage third-party dependency security through regular audits, vulnerability assessments, and coordinated upgrades Collaborate with security researchers and respond to vulnerability reports with urgency and thoroughness Design and implement security controls for authentication, authorization, and auditing features Work closely with Operations and Engineering teams to ensure security best practices across our hosted and on-premise offerings Contribute to threat modeling and security architecture decisions for new features Write secure, maintainable code for both client and server-side components What You Bring: At least 3 years of web development experience, with a focus on secure development practices Strong knowledge of web application security principles including OWASP Top 10, secure authentication patterns, and defense-in-depth strategies Experience with security vulnerability management, including triage, remediation, and coordinated disclosure Proficiency with JavaScript, TypeScript, and Node.js Familiarity with security scanning tools and vulnerability management platforms (e.g., Snyk, CodeQL, HackerOne) Ability to work and communicate effectively with a worldwide team in a distributed work environment Hands‑on experience implementing and maintaining content security policies, CORS policies, and other browser security controls Understanding of single-sign‑on technologies, role-based access control, and identity management protocols Additional Information - We Take Care of Our People: As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do. We strive to have parity of benefits across regions, and while regulations differ from place to place, we believe taking care of our people is the right thing to do. Competitive pay based on the work you do here and not your previous salary Health coverage for you and your family in many locations Ability to craft your calendar with flexible locations and schedules for many roles Generous number of vacation days each year Increase your impact – We match up to $2000 (or local currency equivalent) for financial donations and service Up to 40 hours each year to use toward volunteer projects you love Embracing parenthood with a minimum of 16 weeks of parental leave Security & Privacy Responsibilities Take ownership of protecting the confidentiality, integrity, and availability of organizational data and systems by following applicable privacy and security policies, standards, and procedures. Ensure that all individual contributions follow Elastic’s Secure Software Development Framework (SSDF). Proactively participate in mandatory role-based training to ensure personal technical execution consistently aligns with the highest standards of data protection, data privacy, and system resilience. Equal Opportunity Employer Statement Different people approach problems differently. We need that. Elastic is an equal‑opportunity employer and is committed to creating an inclusive culture that celebrates different perspectives, experiences, and backgrounds. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation. We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email . We will reply to your request within 24 business hours of submission. Legal Information Applicants have rights under Federal Employment Laws and can view the following posters linked below: Family and Medical Leave Act (FMLA) Poster Employee Polygraph Protection Act (EPPA) Poster Elasticsearch develops and distributes technology and information that is subject to U.S. and other countries’ export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Syria, or Russia, including the Ukrainian territories annexed by Russia (The Crimea region of Ukraine, The Donetsk People's Republic (DNR), The Luhansk People's Republic (LNR), Kherson or Zaporizhzhia). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic. Please see here for our Privacy Statement . What Elastic Has to Offer Elastic is the company behind the Elastic Stack – Elasticsearch, Kibana, Beats, and Logstash. From stock quotes to Twitter streams, Apache logs to WordPress blogs, Elastic helps people explore and analyze their data differently using the power of search. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission‑critical systems. Elastic offers its employees benefits like: 401(k) / Retirement Plan Minimum 16 weeks of parental leave Health coverage & vision insurance Flexible locations & schedules Work from home policy Generous vacation time & paid holidays #J-18808-Ljbffr
Waiters
Sales & Marketing
Chef & Cook
Retail
Salon & Beauty
Construction & Trades
Fast Food
Accounting & Finance
Animal Care
Art, Media, Design
Bar Staff
Barista
Child Care
Cleaning
Customer Service
Driver & Delivery
Education
Engineering
Entertainment
Events & Promotion
Fashion
Healthcare
Host & Hostess
Information Technology
Kitchen Porter
Legal
Management
Manufacturing
Office & Admin
Online Jobs
Science
Security
Sports & Wellness
Warehouse
Writing & Editing
Other
Page 11