Senior DevSecOps Engineer
Job DescriptionSenior DevSecOps Engineer
CoStar Group, Inc. (NASDAQ - CSGP) ( www.costar.com ) is commercial real estate's leading provider of information and analytic services.
Founded in 1987, CoStar conducts expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availabilities.
Headquartered in Washington, DC, CoStar maintains offices throughout the U.S. and around the world with a staff of approximately 4,300 worldwide, including the industry's largest professional research organization.OVERVIEW
Identify and implement security improvements across private and public clouds utilized in the delivery of CoStar's customer facing products and corporate applications. Implement secure practices, defense in-depth and monitoring and event response tool sets to handle growing threats in the cloud. Work closely with DevOps, DBAs, Systems, and Network engineers to refine and enforce security practices. BASIC QUALIFICATIONS
PREFERRED QUALIFCATIONS AND SKILLS
- Bachelors in Computer Science or related field
- Relevant experience areas (deep expertise required in at least 3):
- Engineering cloud security guard rails in AWS, Azure, or Google Cloud Platform.
- Strong understanding of serverless technologies and security implications deployed in public cloud - AWS Lambda, Containers (ECS Fargate, EKS), etc.
- Container and Kubernetes - Securing container images at rest, build, and runtime.
- Experience deploying automated security tooling in CI/CD pipelines.
- Cloud Security Posture Management (CSPM) tools - CloudCheckr, Prisma Cloud, Cloud Conformity, AWS GuardDuty, AWS Config, DivvyCloud, etc.
- Infrastructure as Code (IaC) - Ansible, Terraform, Chef, AWS Cloudformation, SaltStack, Puppet.
- Scripting languages such as PowerShell, Python, GoLang, Ruby, etc.
- Key Management - Privileged account management solutions in the cloud for key management, service account and secrets management, rotation, and event response, including tools such as Secret Server (Thycotic), Vault (HashiCorp), Cloud KMS, or similar tool set.
- Cloud access security broker (CASB) or similar experience securing SaaS offerings such as O365, GoogleApps, and other cloud vendors.
- Optional, but very relevant certifications: AWSCSA, OSCP, SANS/GIAC, CISSP, CISA, CISM, CEH, CCNA, CCNP, MCSE, MCP, MCTS, Security+, MCITP
Position requires participation in a 24x7 on-call rotation and off hour's maintenance windowsOVERVIEW OF COMPANY:
Founded in 1987, CoStar Group is the leading provider of commercial real estate information, analytics, and online marketplaces. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availability. Behind some of the most well-known brands in the industry, CoStar Group includes CoStar, the largest provider of CRE research and real-time data; LoopNet, the most heavily trafficked mobile and online real estate marketplace; Apartments.com, the premier rental home resource for renters, property managers and owners; STR, the leading provider of performance benchmarking and comparative analytics to the hotel industry; BizBuySell, the largest online marketplace for businesses-for-sales; and Lands of America, the leading operator of online marketplaces for rural real estate.
Headquartered in Washington, DC, CoStar Group maintains offices throughout the U.S. and in Europe, Canada, and Asia with a staff of over 4,300 worldwide.WHATS IN IT FOR YOU:
Working at CoStar Group means you'll enjoy a culture of collaboration and innovation that attracts the best and brightest across a broad range of disciplines. In addition to generous compensation and performance-based incentives, you'll be supported in both your professional and academic growth with internal training, tuition reimbursement, and an inter-office exchange program.
Our benefits package includes (but is not limited to):
- Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
- Life, legal, and supplementary insurance
- Commuter and parking benefits
- 401(K) retirement plan with matching contributions
- Employee stock purchase plan
- Paid time off
- Tuition reimbursement
- On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes, as well as Segways and bikes available for use during the day
- Complimentary gourmet coffee, tea, hot chocolate, prepared foods, fresh fruit, and other healthy snacks
Be part of a team of professionals enjoying the opportunity to learn, do, and grow in a rewarding atmosphere. But don't just take our word for it -- see why our team chose to work at and stay at CoStar Group: https://www.youtube.com/watch?v=CVbJRnJ2sX0
We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However, please note that CoStar is not able to provide visa sponsorship for this position.
CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing