Senior Product Security Engineer
Join CoStar Group as a senior engineer focused on building secure, scalable products in the real‐estate technology space.
About CoStar Group
CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real‐estate information, analytics, and online marketplaces. A mission to digitize the world's real estate empowers customers with insights, connections, and tools to improve businesses and lives.
Responsibilities
- Lead the integration of security into DevOps processes, championing a culture of ownership and awareness across the organization.
- Act as the primary security advisor, conducting solution design reviews, leading threat‐modeling sessions, and performing hands‐on code reviews.
- Automate security testing throughout the CI/CD pipeline, consuming a variety of application security tools (DAST, SAST, SCA, credential scanning, IAC scanning) to secure web applications during development and production run‐time.
- Partner with GRC to adhere to industry standards and collaborate with Security Operations to support investigations and incident response.
Basic Qualifications
- Bachelor's degree (Computer Science, Cybersecurity, or related field) from an accredited institution.
- 5+ years of experience in a Product/Application Security or DevSecOps role.
- Strong knowledge of DevOps principles, security best practices, and the ability to communicate effectively with engineering teams.
- Proficiency in scripting and automation (Java, C/C++, C#, Python, JavaScript, PowerShell).
- Experience with container security (Docker, ECS, Kubernetes) and cloud security (AWS, Azure, or GCP).
Preferred Qualifications
- Hands‐on experience implementing security tools into CI/CD pipelines and IDE interfaces, including SAST and SCA solutions.
- Experience with web application penetration testing and evaluating vulnerability severity.
- Ability to drive security by design principles, advancing the application security program and following through ideas to completion.
- Knowledge of infrastructure operations across databases, network, and system administration.
Perks and Next Steps
Hybrid working model, first‐rate parental leave, continuous growth opportunities, and a culture that values creativity and innovation.
To apply, submit your application and our recruiting team will reach out as soon as possible.
#J-18808-Ljbffr