CoStar Group, Inc. (NASDAQ - CSGP) (www.costar.com) is commercial real estate's leading provider of information and analytic services.
Founded in 1987, CoStar conducts expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availabilities.
Headquartered in Washington, DC, CoStar maintains offices throughout the U.S. and in Europe with a staff of approximately 4,000 worldwide, including the industry's largest professional research organization.
Job Description: Security Engineer
Overview & Responsibilities:
We are looking for a smart, creative and passionate Security Engineer to help continue improving our information security posture at The CoStar Group. You will engage with all departments of The CoStar Group helping drive and shape the way we manage the protection of our customers and our ever growing data environment.
We-re looking for someone who has the ability to communicate and reinforce security concepts to technical and non-technical audiences within the CoStar Enterprise. Additionally, the candidate must have experience implementing, using and updating standard security software in at least one of the following areas: vulnerability scanning/management, Security Information and Event Management (SIEM) or end-node security. The successfully candidate will be a self-starter motivated to learn new technologies and tools and assist in moving security forward as it is implemented within the CoStar Enterprise.
* Vulnerability Scanning/Management: Like Nessus, Qualys, Rapid7 Nexpose or InsightVM, or Retina
* SIEM: Like LogRhythm, Splunk, ArcSight, or QRadar
* EndPoint Security: McAfee, Symantec, TrendMicro, Cylance, Carbon Black or Crowd Strike
Qualifications & Requirements:
* Bachelor-s Degree in Computer Science (or related field)
* One or more security certification such as SANS/GIAC, CISSP, CISA, CISM, a plus
* Minimum 3 years- experience in Information Security
* Scripting/programming skills (Perl, Python) and familiarity with ethical hacking, a plus
* Knowledge of UNIX and Windows environments as may pertain to Network and Security tasks including syslog, DNS, load balancers, Windows Event Log
* Perform security review and monitoring of the production environment setup permissions of users, open ports/services and overall network setup
* Examine network, server, and application logs to determine trends and identify security incidents
* Use security tools to audit infrastructure, detect issues and coordinate remediation of any issues
* Perform monthly scans of the internal and external networks for critical or high vulnerabilities for adherence to PCI and SOX
* Set up dashboards and review production logs and look for patterns of possible security incidents using our SIEM solution
* Follow, develop and improve network and security configuration procedures
* Primary lead for endpoint security products
* Deliver, maintain and improve security awareness training.
* Manage endpoint security tools like antivirus, antimalware and incident response tools.
* Work with other teams to remediate discovered deficiencies.
* Requires excellent oral and written communication skills to work effectively with others regardless of departmental or geographic boundaries
* Requires the ability to produce detailed technical documentation
* Requires proficiency with PC software applications, E-Mail, and job associated applications/systems to expediently process work
* Requires experience developing and presenting recommendations using Power Point to peers and management
* Requires good organization skills to produce quality work, within required specifications, and within scheduled timelines
* The position requires individual initiative and ability to influence events, rather than passively accepting them, in order to achieve goals. This means being proactive and a self-starter and going beyond specific job responsibilities to ensure goals are achieved or exceeded
* Excellent customer service skills
CoStar offers a competitive base salary and benefits which include:
* Comprehensive medical, dental, prescription and vision benefits with a choice of two plans.
* Company-paid life insurance for one time's your annual base salary to a maximum of $300,000 per year.
* Company-paid long-term and short-term disability benefits.
* Paid vacation, sick days and personal days.
* 401K with 100% match up to 4%
DC Office Benefits:
* Work for an environmentally conscious company in an environmentally friendly building.
* LEED Gold Certified
* Available Segways and bikes for personal use with training provided- for free!
* $100 / month in Metro SmartCard Benefits
* Green roof
* Electric vehicle charging stations onsite.
* Verizon Center box tickets- for free!
* Underground parking
* Complete fitness center with locker rooms onsite
* Onsite Yoga
* Beautiful roof top terrace with expansive views of the city; great for lunch and after work hangouts
* Fresh fruit, juice, vegetables, and yogurts stocked daily
* Full HD video conference system between any CoStar office
CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing