Vacancy caducado!
Senior Offensive Security Engineer Job Description
Senior Offensive Security Engineer - CoStar Group - Washington, DC CoStar Group, Inc. (NASDAQ - CSGP) ( www.costar.com ) is commercial real estate's leading provider of information and analytic services.Founded in 1987, CoStar conducts expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availabilities.Headquartered in Washington, DC, CoStar maintains offices throughout the U.S. and around the world with a staff of approximately 4,300 worldwide, including the industry's largest professional research organization.OVERVIEW & RESPONSIBILITIES We are looking for a smart, creative and passionate Offensive Security Engineer to help continue improving our information security posture at The CoStar Group. You will engage with development, DevOps, SecOps, Security and other teams of The CoStar Group helping drive and shape the way we manage the protection of our customers and our ever-growing data environment.We're looking for someone who will take the lead in building out our offensive security capacity to test our internal and external facing processes and applications. This position will be tasked with developing test plans to validate identified vulnerabilities and demonstrate the exploitation of the vulnerabilities. The ability to explain the exploit to senior level management is key to success in this role. Additionally, staying current with trends, techniques and tools used by attackers are critical skills for this role. We will want this Engineer to mentor other security team members to increase the overall knowledge of the Security Team about Offensive Security and build new members of the Offensive Security Team. The successfully candidate will be a self-starter motivated to learn new technologies and tools and assist in moving offensive security forward as it is implemented within the CoStar Enterprise.BASIC QUALIFICATIONS- Bachelor's Degree in Computer Science/Cyber Security (or related field)
- Security certification such as OSCP, OSWP, GPEN or similar certification a plus
- Minimum 6 years' experience in Information Security
- Scripting/programming skills (Perl, Python, PowerShell) and strong ethical hacking skills
- Experience running an Offensive Security team or being a senior member of an Offensive Security team
- Footprinting networks and systems
- Using security tools like NMAP, DirBuster, Nikto, OWASP-ZAP, SQLMap, John The Ripper, WireShark, EtterCap, AirCrack, NetCat, Burp Suite, Samurai, Kali Linux, Empire, MetaSpoit, Cobalt Strike and similar tools
- Expertise in Web Application testing is preferred
- Windows Active Directory exploitation tools and techniques
- Create penetration testing projects for CoStar's stable of Web Applications and participate in remediation and validation efforts
- Conduct threat hunting in the CoStar enterprise
- Develop routine monthly and quarterly tests of the CoStar infrastructure to assist in maturing our security posture
- Primary lead for new offensive security projects.
- Requires excellent oral and written communication skills to work effectively with others regardless of departmental or geographic boundaries
- Requires the ability to produce detailed technical documentation
- Requires proficiency with PC software applications, E-Mail, and job associated applications/systems to expediently process work
- Requires experience developing and presenting recommendations using PowerPoint to peers and management
- Requires good organization skills to produce quality work, within required specifications, and within scheduled timelines
- The position requires individual initiative and ability to influence events, rather than passively accepting them, in order to achieve goals. This means being proactive and a self-starter and going beyond specific job responsibilities to ensure goals are achieved or exceeded
- Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
- Life, legal, and supplementary insurance
- Commuter and parking benefits
- 401(K) retirement plan with matching contributions
- Employee stock purchase plan
- Paid time off
- Tuition reimbursement
- On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes, as well as Segways and bikes available for use during the day
- Complimentary gourmet coffee, tea, hot chocolate, prepared foods, fresh fruit, and other healthy snacks
Vacancy caducado!