Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI. What is the role: The Security Platform Delivery and Success team is responsible for building core capabilities that power Elastic’s next-generation security experiences. Our focus is on delivering context-rich solutions that enhance security insights across the platform, owning the onboarding process for all security customers and helping users understand their estimated costs. As a Senior Software Engineer on the Security Platform Delivery and Success team you will help design and build workflows that make it easier for customers to understand how AI is helping them save time and money, update user-facing capabilities that help customers onboard, and understand how product tiers work.You’ll collaborate closely with other security engineering teams, as well as with product and design, to deliver resilient, high-scale features used by security practitioners around the world. What you will be doing: - Design and implement features that power Value Reports, AI powered Inboxes, Guided onboarding for all of the Security products. - Build and evolve APIs that correlate entities, findings, signals, and configuration data into coherent security stories. - Develop scalable, high-performance systems within the Elastic ecosystem and cloud-native environments. - Own the reliability, observability, and operational health, from design to production. - Collaborate with product, design, and other engineering teams to refine requirements and deliver impactful, user-centered solutions. - Write production-grade code in TypeScript/Node.js (and potentially other languages) as part of a high-quality, well-tested codebase. - Participate in code reviews, technical design discussions, and ongoing improvements to engineering practices. What you bring: - Solid programming experience in Javascript/TypeScript/ with a particular emphasis on React.js and Node.js frameworks. - Experience designing and implementing APIs, data models, and services that support rich application workflows. - Ability to take ownership of problems end-to-end: from clarifying requirements and proposing designs to delivering, monitoring, and iterating in production. - Comfort working in a distributed, async-first environment and collaborating with colleagues across time zones. - A proactive mindset: you ask the right questions, challenge assumptions, and look for ways to improve both product and engineering processes. - Strong communication skills and the ability to explain complex technical topics to both technical and non-technical partners. Bonus points: - Familiarity with Kibana or Elasticsearch - Contributions to open source Compensation for this role is in the form of base salary. This role does not have a variable compensation component. The typical starting salary range for new hires in this role is listed below. These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the ranges may be modified in the future. An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs. Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program. Our total rewards package also includes a company-matched Registered Retirement Savings Plan (RRSP) with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being. The typical starting salary range for this role is: $128,300—$203,000 CAD Additional Information - We Take Care of Our People As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do. We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do. - Competitive pay based on the work you do here and not your previous salary - Health coverage for you and your family in many locations - Ability to craft your calendar with flexible locations and schedules for many roles - Generous number of vacation days each year - Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service - Up to 40 hours each year to use toward volunteer projects you love - Embracing parenthood with minimum of 16 weeks of parental leave Different people approach problems differently. We need that. Elastic is an equal opportunity employer and is committed to creating an inclusive culture that celebrates different perspectives, experiences, and backgrounds. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation. We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co. We will reply to your request within 24 business hours of submission. Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster) Elasticsearch develops and distributes technology and information that is subject to U.S. and other countries’ export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Syria, or Russia, including the Ukrainian territories annexed by Russia (The Crimea region of Ukraine, The Donetsk People's Republic (DNR), The Luhansk People's Republic (LNR), Kherson or Zaporizhzhia). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic. Please see here for our Privacy Statement.

Company Description NBCUniversal is one of the world's leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our global theme park destinations, consumer products, and experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, NBC Sports, Telemundo, NBC Local Stations, Bravo, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through our powerhouse film and television studios, including Universal Pictures, DreamWorks Animation, and Focus Features, and the four global television studios under the Universal Studio Group banner, and operate industry-leading theme parks and experiences around the world through Universal Destinations & Experiences, including Universal Orlando Resort, home to Universal Epic Universe, and Universal Studios Hollywood. NBCUniversal is a subsidiary of Comcast Corporation. Visit www.nbcuniversal.com for more information. Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world. Job Description We are looking for a Staff Cyber Security Engineer to be part of our NBCU Security Architecture team, focused on emerging technologies including AI. This Staff Cyber Security Engineer will partner with the various NBCUniversal businesses, enterprise IT, and Cyber Security organization to ensure technology is designed and deployed securely and aligned with Cyber Security and enterprise technology strategies. This individual will function as a security subject matter expert with broad knowledge across various domains, embedded with engineering teams delivering solutions for NBCUniversal. Initially the primary focus will be on security controls applicable to AI systems and other emerging technologies. You must be cognizant of the wide variety of threats all systems must be protected against and developing threat models and control strategies that are fully integrated into the design, development, and operation of new and evolving technology platforms. The analysis will involve collaboration across the Cyber organization, partnership with business stakeholders, and will result in security guidance and/or mitigation requirements. Finally, you will effectively communicate the importance of key Cyber programs and services to obtain support, trust and buy-in from business and technology teams to ensure security goals are being met. Qualifications Requirements: - 8+ years of experience partnering with business and technical teams to architect secure products and maintain a secure posture throughout their lifecycle - Ability to explain common threats to components including Network, Cloud, Web and Application environments and design mitigations with context of product and business needs - Some knowledge and awareness of ML and generative AI technologies, including common security concerns and mitigations - Knowledge of best practices in the Cyber Security industry, including OWASP Top 10 and CWE/SANS Top 25 - Advanced technical knowledge in one or more security domains, with specific expertise designing complex systems and mitigating significant risk - Ability to give and receive constructive feedback in a team environment, fostering a culture of continual improvement and excellence - Willingness to provide mentorship to more junior members of the team - Strong written/verbal communication and presentation skills with the ability to tailor to both technical, and non-technical audiences - Constant learner, actively experimenting and working with new technologies with quick instincts for picking up and developing expertise in new problem domains - Experience developing and documenting security guidelines or security best practices - Excellent time management skills to appropriately prioritize multiple concurrent projects Desired Characteristics: - Formal Degree is not required, relevant experience in the above-mentioned areas prioritized - Experience performing Threat Analysis and modeling leveraging best in industry frameworks such as MITRE ATT&CK, indicating your proficiency in implementing robust security measures - Familiarity with security control frameworks such as Cloud Security Matrix, NIST CSF, CIS Critical Security Controls - In-depth knowledge of generative AI platforms such as Azure OpenAI services and various models including GPT-4, Llama, Midjourney and the underlying technologies and safety and security risks - Understanding of various data and privacy regulations, including PCI DSS, SOX, HIPAA, GDPR, CCPA - In depth knowledge of common Cloud services and platforms (IaaS, PaaS, SaaS) - A firm understanding of Cybersecurity Engineering/Operations, Incident Response, and GRC functions - Empathy for engineering teams with the ability to balance security guidelines and policies with operational needs to maintain desired end-state corporate security posture Additional Requirements: - Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence. This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $125,000 - $155,000 (bonus eligible) Additional Information As part of our selection process, external candidates may be required to attend an in-person interview with an NBCUniversal employee at one of our locations prior to a hiring decision. NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations by emailing [email protected]. For LA County and City Residents Only: NBCUniversal will consider for employment qualified applicants with criminal histories, or arrest or conviction records, in a manner consistent with relevant legal requirements, including the City of Los Angeles' Fair Chance Initiative For Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable. - Business Segment: Operations & Technology - Compensation: USD 125000 - USD 155000 - yearly

• Define the short-term strategy for the area in a scalable manner for the organization. • Align and set goals with teams. • Direct cloud security action plans. • Define, assess, and implement cloud security processes and solutions. • Define, manage, and develop CloudSec products. • Serve as the Information Security focal point for identifying, assessing, and mitigating cloud risks. • Plan and execute security testing on cloud infrastructure. • Provision and maintain the cloud environments that support CloudSec solutions. • Support the response to cloud security incidents. • Create, guide, document, and review cloud security processes, workflows, and guidelines. • Coordinate cloud security projects that impact the business. • Provide technical leadership to the team, promoting development and delivery of results. • Define cloud compliance and security standards for executive management. • Manage strategic partnerships and optimize the overall resilience of the environment. • Formally mentor other architects and specialists. • Actively support team hiring by participating in technical interviews.

• riferimento tecnico per Azure Monitor, Log Analytics e Azure Alerts • progettare e implementare strategie di monitoraggio endtoend per workload Azure e ibridi • configurare metriche, log, dashboard e alert allineati a modelli SRE e operational excellence • supportare i clienti nel miglioramento di availability, performance e cost management • diagnosticare problematiche complesse tramite log, metriche e telemetria distribuita • analizzare dati applicativi e di piattaforma per individuare la root cause • supportare incident response e postincident review • ottimizzare alerting, ridurre il rumore e migliorare la maturità operativa • integrare Azure Monitor con Application Insights, VM Insights, Container Insights e Network Insights • fornire linee guida su governance, RBAC, retention dei dati e ottimizzazione dei costi • collaborare con team security e infrastructure su visibilità e telemetria condivisa