Senior Product Security Engineer
Company | CoStar Group |
---|---|
Location | Irvine, CA, USA; San Diego, CA, USA |
Salary | $114200 – $203500 |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Senior |
Requirements
- Bachelor’s Degree required from an accredited, not-for-profit university or college (preferably in Computer Science, Cybersecurity or a related field)
- 4+ years of hands-on security engineering experience in one or more of the following domains: securing cloud-native environments (AWS preferred), Kubernetes platform hardening or monitoring, CI/CD pipelines, containerized application deployments, IaC, and CDN security
- Demonstrated ability to author scripts or IaC from scratch in Python, PowerShell, Ansible, CloudFormation, Terraform, or a similar language
- Experience working in a software development environment with a mature CI/CD
- Passion for solving complex challenges, innovating, and engaging in your work
Responsibilities
- Build real-time security feedback loops (IDE & CI/CD), gate environment builds, manage WAF/Bot controls. Cloud IAM security and automation at large scale.
- Enforce cloud security posture (AWS, GCP, Azure), secure Kubernetes runtime, manage federated IAM at scale.
- Enable incident response teams to hunt for threats, and build run-time monitoring on cloud-native workloads and incident response escalation paths.
- Integrate automated scanning tools into CI/CD pipelines, implement IaC solutions, and drive automated remediation processes
- Work closely with product dev teams to provide feedback on secure coding practices and proactively guide them on risk remediation.
Preferred Qualifications
- Strong communication skills with both software development and software leadership audiences
- Experience with tools like AWS GuardDuty, Security Hub, EKS, OPA/Gatekeeper, Falco, Wiz, Datadog, Prisma Cloud, Aqua, Snyk, or similar
- Hands-on experience with CDN and WAF security solutions, especially Akamai (preferred), or comparable platforms such as Cloudflare, AWS (CloudFront + WAF), and similar providers.
- Knowledge of infrastructure operations across databases, network, and system administration
- Ability to communicate with different levels of leadership conveying risk and driving urgency for risk remediation.
- Familiarity with zero trust principles and cloud-native access controls (e.g., IAM roles, service meshes).
- Ability to mentor and train team members to prioritize security efforts effectively.
- A self-starter who can advance the application security program and follow ideas through to completion.
- Hands-on experience implementing security tools into CI/CD pipelines.
- Experience testing serverless cloud deployments