Senior Offensive Security Engineer (IT)

CoStar Group
Washington, DC
Jun 16, 2019
Jun 19, 2019
Full Time
Senior Offensive Security Engineer (IT)Job DescriptionCoStar Group: CoStar Group, Inc. (NASDAQ - CSGP) ( is commercial real estate's leading provider of information and analytic services.Founded in 1987, CoStar conducts expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availabilities.Headquartered in Washington, DC, CoStar maintains offices throughout the US and in Europe with a staff of approximately 4,000 worldwide, including the industry's largest professional research organization.Job Description: Senior Offensive Security Engineer Overview & Responsibilities:We are looking for a smart, creative and passionate Senior Security Engineer to help continue improving our information security posture at The CoStar Group. You will engage with development, DevOps, SecOps, Security and other teams of The CoStar Group helping drive and shape the way we manage the protection of our customers and our ever growing data environment.We're looking for someone who will take the lead in building out our offensive security capacity to test our internal and external facing processes and applications. This position will be tasked with developing test plans to validate identified vulnerabilities and demonstrate the exploitation of the vulnerabilities. The ability to explain the exploit to senior level management is key to success in this role. Additionally, staying current with trends, techniques and tools used by attackers are critical skills for this role. We will want this Engineer to mentor other security team members to increase the overall knowledge of the Security Team about Offensive Security and build new members of the Offensive Security Team. The successfully candidate will be a self-starter motivated to learn new technologies and tools and assist in moving offensive security forward as it is implemented within the CoStar Enterprise.Qualifications & Requirements:Bachelor's Degree in Computer Science/Cyber Security (or related field)Security certification such as OSCP, OSWP, GPEN or similar certification a plusMinimum 6 years' experience in Information SecurityScripting/programming skills (Perl, Python, PowerShell) and strong ethical hacking skillsTechnical Skills/Experience:Footprinting networks and systemsUsing security tools like NMAP, DirBuster, Nikto, OWASP-ZAP, SQLMap, John The Ripper, WireShark, EtterCap, AirCrack, NetCat, Burp Suite, Samurai, Kali Linux, Empire, MetaSpoit, Cobalt Strike and similar toolsExpertise in Web Application testing is preferredWindows Active Directory exploitation tools and techniquesCreate penetration testing projects for CoStar's stable of Web Applications and participate in remediation and validation effortsConduct threat hunting in the CoStar enterpriseDevelop routine monthly and quarterly tests of the CoStar infrastructure to assist in maturing our security posturePrimary lead for new offensive security projects.Business Skills/Experience:Requires excellent oral and written communication skills to work effectively with others regardless of departmental or geographic boundariesRequires the ability to produce detailed technical documentationRequires proficiency with PC software applications, E-Mail, and job associated applications/systems to expediently process workRequires experience developing and presenting recommendations using PowerPoint to peers and managementRequires good organization skills to produce quality work, within required specifications, and within scheduled timelinesThe position requires individual initiative and ability to influence events, rather than passively accepting them, in order to achieve goals. This means being proactive and a self-starter and going beyond specific job responsibilities to ensure goals are achieved or exceededCoStar offers a competitive base salary and benefits which include:Comprehensive medical, dental, prescription and vision benefits with a choice of two plans.Company-paid life insurance for one time's your annual base salary to a maximum of $300,000 per year.Company-paid long-term and short-term disability benefits.Paid vacation, sick days and personal days.401K with 100% match up to 4%DC Office Benefits:Work for an environmentally conscious company in an environmentally friendly building.LEED Gold CertifiedAvailable Segways and bikes for personal use with training provided for free!$100 / month in Metro SmartCard BenefitsGreen roofElectric vehicle charging stations onsite.Underground parkingComplete fitness center with locker rooms onsiteOnsite YogaBeautiful roof top terrace with expansive views of the city; great for lunch and after work hangoutsFresh fruit, juice, vegetables, and yogurts stocked dailyFull HD video conference system between any CoStar officeCoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing