Vacancy caducado!
Senior Cloud Security Engineer Job Description
DevSecOps Senior Cloud Security Engineer CoStar Group, Inc. (NASDAQ - CSGP) ( www.costar.com ) is commercial real estate's leading provider of information and analytic services.Founded in 1987, CoStar conducts expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availabilities.Headquartered in Washington, DC, CoStar maintains offices throughout the U.S. and around the world with a staff of approximately 4,300 worldwide, including the industry's largest professional research organization.OVERVIEW Identify and implement security improvements across private and public clouds utilized in the delivery of CoStar's customer facing products and corporate applications. Implement secure practices, defense in-depth and monitoring and event response tool sets to handle growing threats in the cloud. Work closely with DevOps, DBAs, Systems, and Network engineers to refine and enforce security practices. BASIC QUALIFICATIONS- Bachelors in Computer Science or related Field
- Relevant experience areas (deep expertise required in at least 3):
- Engineering cloud security guard rails in AWS, Azure, or Google Cloud Platform
- Cloud Security Posture Management (CSPM) tools - Security Monkey, CloudCheckr, Prisma Cloud, Cloud Conformity, AWS GuardDuty, AWS Config, DivvyCloud, etc.
- Infrastructure as Code (IaC) - Ansible, Terraform, Chef, AWS Cloudformation, SaltStack, Puppet.
- Scripting languages such as PowerShell, Python, GoLang, Ruby, etc.
- Container and Kubernetes - Securing container images at rest, build, and runtime.
- Cloud WAF - Akamai Kona, AWS WAF, Arbor, Prolexic, or similar tools.
- Logging and SIEM Technologies - Cloud Native solutions such as CloudTrail, Cloudwatch, and VPC Flow logs. Other packaged SIEMs such as ElasticSearch, IBM QRadar, Azure Sentinel, Splunk, etc.
- Key Management - Privileged account management solutions in the cloud for key management, service account and secrets management, rotation and event response, including tools such as Secret Server (Thycotic), Vault (HashiCorp), Cloud KMS, or similar tool set.
- Experience in a development and operations role, implementing security through code development and infrastructure code reviews, establishing security ecosystems utilizing APIs and event driven security response.
- Previous participation in bug-hunting, pen tests, vulnerability assessments
- Cloud access security broker (CASB) or similar experience securing SaaS offerings such as O365, GoogleApps, and other cloud vendors.
- Optional, but very relevant certifications: AWSCSA, OSCP, SANS/GIAC, CISSP, CISA, CISM, CEH, CCNA, CCNP, MCSE, MCP, MCTS, Security+, MCITP
- Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
- Life, legal, and supplementary insurance
- Commuter and parking benefits
- 401(K) retirement plan with matching contributions
- Employee stock purchase plan
- Paid time off
- Tuition reimbursement
- On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes, as well as Segways and bikes available for use during the day
- Complimentary gourmet coffee, tea, hot chocolate, prepared foods, fresh fruit, and other healthy snacks
Vacancy caducado!