Senior Enterprise Security Engineer

<br>

Job Description

<br>

Overview

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world’s real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives.

We have been living and breathing the world of real estate information and online marketplaces for over 35 years, giving us the perspective to create truly unique and valuable offerings to our customers. We’ve continually refined, transformed and perfected our approach to our business, creating a language that has become standard in our industry, for our customers, and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers, our employees, and investors. By equipping the brightest minds with the best resources available, we provide an invaluable edge in real estate.

We are seeking a skilled and experienced Senior Cybersecurity Engineer with expertise in the deployment and operations of the Microsoft Defender suite of tooling. You will engage with all departments of CoStar Group helping drive and shape the way we manage the protection of our enterprise infrastructure. We’re looking for someone who can communicate and reinforce security concepts to technical and non-technical team members.

The ideal candidate will have:

Deep experience operating Endpoint Defender tooling – including Microsoft Defender for Endpoint, Defender, XDR, Defender for Identity, Application Control, Firewall, SmartScreen, Antivirus, etc.

Familiarity with designing and operating a vulnerability management program – both in the cloud and on-premises using tooling like Wiz, Defender Vulnerability Management and Rapid7 InsightVM

Experience engineering and operating secure networks (both in the cloud and on-premise) including tooling such as AWS Network Firewall, Transit Gateway, Palo Alto Firewalls, Defender for Cloud Apps, Zscaler SASE (Zscaler Internet Access and Zscaler Private Access)

The successful candidate will be intrinsically motivated to learn new technologies and tools to move security forward as it is implemented within the CoStar Enterprise.

Responsibilities:

Microsoft Defender Deployment:Design, implement, and manage Microsoft Defender solutions to protect against various cyber threats.Ensure proper configuration and deployment of Microsoft Defender for endpoint protection.

Collaborate with cross-functional teams to integrate Microsoft Defender into the overall security framework.Configure and manage the Microsoft Defender Firewall to protect network traffic and prevent unauthorized access.Utilize SmartScreen to enhance protection against phishing and malicious websites.2.USB Restrictions:Develop and enforce USB restriction policies to mitigate the risks associated with unauthorized external devices.Implement and manage controls to monitor and regulate USB device usage across the organization.3.Application Control:Deploy and maintain Application Control solutions to enhance application security (ring fencing, elevation control, etc)Define and enforce application control policies to prevent unauthorized applications and code execution.4.Security Incident Response:Participate in security incident response activities, leveraging Microsoft Defender capabilities to detect, investigate, and remediate security incidents.Collaborate with incident response teams to enhance the organization's overall security posture.5.Vulnerability Management:Collaborate with cross-functional teams, such as IT operations, application development, and network security, to ensure timely vulnerability identification and remediation.Conduct regular vulnerability assessments using industry-leading tools and techniques, and analyze the results to identify critical vulnerabilities and potential risksStay up-to-date with the latest security vulnerabilities, emerging threats, and industry best practices, and assess their potential impact on our systems and networks.Provide recommendations for security controls and measures to prevent or mitigate vulnerabilities based on industry best practices and regulatory requirements.6.Network Security:Provide engineering expertise to ensure changes to the enterprise network are designed and implemented in a secure mannerEvaluate firewall change requests – both on-premise and in the cloudDesign, enforce, and audit policy for various blades of a Next Generation Firewall (NGFW), load balancers, routers, switches, Wi-Fi controllers, etc.Follow, develop, and improve network and security configuration policies, standards, and proceduresAssist with the move towards a zero-trust methodologyOperate network filtering tools such as ZScaler Internet Access (ZIA) and Microsoft Defender for Cloud AppsAdminister email security platforms to filter malicious mail

7.Documentation and Reporting:Create comprehensive documentation for implemented security solutions, including configuration details, best practices, and troubleshooting guides.

Basic QualificationsBachelor’s Degree required from an accredited, not for profit university or college (preferably in Computer Science, Cybersecurity or a related field)A track record of commitment to prior employers5+ years total experience in engineering, including a minimum of 3 years in Security specific rolesExtensive experience in managing an EDR platform such as Microsoft DefenderExperience with incident response and familiarity with security incident management processes.Proven experience in vulnerability management, including vulnerability scanning, assessment, and remediation.Strong understanding of common security vulnerabilities and attack vectors, and knowledge of industry-standard vulnerability databases (e.g., CVE, CVSS, EPSS).Hands-on experience with vulnerability scanning tools (e.g., Nessus, Rapid7) and vulnerability management platforms.Experience with AWS networking – including NACL’s, security groups, NLB’s/ALB’s, transit gateway, and AWS Network FirewallExperience with Next Generation Firewalls, Web Applications Firewalls, Network and Application Load BalancersExpert knowledge of subnetting and segregation of networks

Preferred Skills:

Experience operating tools in a hybrid environment with a mix of on premise and cloud technologies

Knowledge of industry compliance standards and regulations.

Scripting and automation skills (Terraform, Perl, Python, PowerShell) for security-related tasks.

Excellent oral and written communication skills to work effectively with others regardless of departmental or geographic boundaries

Ability to produce detailed technical documentation

Knowledge of Azure DevOps, Terraform, and Agile Development methodologies

What’s in it for You

When you join CoStar Group, you’ll experience a collaborative and innovative culture working

alongside the best and brightest to empower our people and customers to succeed.

We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training, tuition reimbursement, and an inter-office exchange program.

<br>

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing