Senior Identity and Access Management (IAM) Engineer
CoStar provides industry professionals and consumers of commercial real estate and apartments with critical knowledge to explore and complete transactions by offering the most comprehensive, timely and standardized information on commercial real estate and apartments and the right innovative tools to utilize that information. Position Overview:
Connect 4000 employees to 8000 servers, securely through a zero trust framework.
Opportunity to work in an advanced security operation that is responsible for securing the data and products behind 35 websites serving 60M global visitors/mo, running on top of multiple private and public clouds.
We are looking for passionate, technical IAM Engineers to architect, engineer, and operate all IAM activities across a large technical operations infrastructure and corporate environment. This position will work with Security, Systems, DevOps, Network, and Development teams to drive and shape the way our employees and engineers access our systems through a Zero Trust model. The candidate must have experience implementing and operating IAM tools. Required Qualifications:
Relevant experience areas (experience required in at least 2):
- Bachelor's Degree (preferably in a relevant field - Computer Science/Cyber Security)
- Minimum 3 years total experience in a technical role such as security, network, systems, or software engineer with at least 1 year focused on IAM.
Optional, but very relevant Certifications:
- LDAP - Active Directory, Group Policy Administration, AD migrations & consolidations, AWS SimpleAD, Duo Multi-Factor Authentication (MFA)
- Single Sign On (SSO) Identity Providers (IdP) - Okta, OneLogin, Ping Identity, AzureAD
- Privileged Access Management - CyberArk
- Vault experience - Hashicorp Vault, Thycotic Secret Server, AWS Secrets Manager, 1Password
- Cloud IAM - AWS Identity and Access Management (IAM), Azure AzureAD, GCP Cloud IAM
- Zero Trust modeling - BeyondCorp, ZScaler, Cyxtera, Palo Alto Prisma
- IAM Security Defense - Bloodhound, Mimikatz, Password Spray, Rainbow tables, and cryptography.
- Network based IA & VPN - Palo Alto User-ID, App-ID, CheckPoint IA, Junos Pulse VPN
- Security Proxies - (F5, NetScaler, Bluecoat, ZScaler, Akamai)
SANS/GIAC, CISSP, CISM, OSCP, OSWP, GPEN, CEH, Security+, CCNA, CCNP, CCIE, PCNSE, ACE, CCSA, CCSE, CCMSE JNCIE, VCP-NV, F5-CA, F5-CTS, F5-CSE, ACMA, ACMP, ACMX, ACDX, AWS CSA, MCSE, MCITP, MCSA, AWS-CSAOperational Responsibilities:
Position requires participation in a 24x7 on-call rotation and off hour's maintenance windows
CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing