CoStar Group

Sr. Security Engineer

CoStar Group$110K — $140K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's Degree in a relevant field from an accredited institution.
  • 5+ years of experience in Information Security or Security Engineering.
  • Possession of industry-recognized certifications (e.g., CISSP, SANS/GIAC, CCNA).
  • Strong expertise in AWS networking and security configurations.
  • Hands-on experience with Next Generation Firewalls (NGFWs) and load balancers.
  • Proficient in scripting or automation with Python, PowerShell, or similar languages.
  • Deep knowledge of networking principles such as subnetting and isolation.

Responsibilities

  • Provide engineering expertise for secure enterprise network changes in on-prem and cloud settings.
  • Audit and enhance current network designs for improved security.
  • Evaluate firewall change requests for on-premise and cloud setups.
  • Design, audit, and enforce security policies for various network infrastructures.
  • Manage the Secure Service Edge (SSE) platform effectively.
  • Collaborate with teams to assess SaaS security architecture and control mechanisms.
  • Monitor AI systems for security risks and ensure safe integration with enterprise tools.

Benefits

  • Comprehensive healthcare coverage including medical, vision, dental, and prescription drugs.
  • Life, legal, and supplementary insurance options available.
  • Access to mental health counseling services, both virtual and in-person.
  • 401(K) retirement plan with matching contributions to secure your future.
  • Paid time off to support work-life balance and personal time.
  • Tuition reimbursement to aid in your professional development.
  • Rich fitness perks including on-site gym access and reimbursements for fitness memberships.
  • Participation in Diversity, Equity, & Inclusion Employee Resource Groups for a supportive workplace environment.
Full Job Description
Sr. Security Engineer

Job Description

Overview

We are seeking a Senior Security Engineer with experience in Network, SaaS, and AI Security to help evolve and safeguard CoStar's enterprise security posture across network infrastructure, cloud services, SaaS platforms, and emerging AI systems.

This role expands upon traditional network security engineering to include SaaS security governance and AI security risk management, supporting both human and machine-driven workflows. The ideal candidate brings deep technical capability, strong security judgment, and the ability to communicate security concepts effectively to both technical and non-technical audiences across the enterprise.

This position can be located in Arlington or Richmond, VA and is in office Monday through Thursday and work from home on Friday.

Responsibilities

Network & Cloud Security
  • Provide engineering expertise to ensure enterprise network changes are designed and implemented securely (on-prem and cloud).
  • Audit existing network designs and infrastructure configurations and recommend improvements to security posture.
  • Evaluate firewall change requests across on-premise and cloud environments.
  • Design, enforce, and audit policies for Next Generation Firewalls (NGFW), load balancers, routers, switches, and wireless infrastructure.
  • Manage Secure Service Edge (SSE) platform

SaaS Security
  • Partner with application owners and third-party risk teams to review SaaS security architecture and control effectiveness.
  • Operate and tune SaaS security tooling (e.g., CASB/SSE capabilities) to detect risky behavior, misconfigurations, and data exfiltration paths.
  • Define and enforce SaaS security standards for logging, identity integration, and least-privilege access.
  • Support SaaS incident investigation and remediation efforts in coordination with legal, privacy, and compliance teams.
  • Develop reusable SaaS security review patterns and documentation for engineering and procurement teams.

AI & Emerging Technology Security
  • Assess security risks associated with AI platforms, copilots, and agent-based systems, including model access controls, prompt/data leakage risks, and tool/plugin abuse.
  • Partner with engineering teams to design security controls for AI-assisted workflows and developer tools.
  • Contribute to governance models for AI usage, including enforcement of network, identity, and data security boundaries.
  • Monitor AI-related telemetry and logs to identify anomalous behavior, data exposure, or misuse patterns.
  • Support threat modeling and risk assessments for AI integrations with enterprise systems and SaaS platforms.
  • Stay current on AI security threats, abuse patterns, and control frameworks, translating them into actionable enterprise safeguards.


Basic Qualifications
  • Bachelor's Degree is required from an accredited, not for profit, in-person university or college.
  • A track record of commitment to prior employers
  • 5+ years of experience in Information Security or Security Engineering.
  • One or more industry-recognized certifications (e.g., CISSP, SANS/GIAC, CCNA, equivalent).
  • Strong experience securing AWS networking (NACLs, Security Groups, ALB/NLB, Transit Gateway, Network Firewall).
  • Hands-on experience with NGFWs, WAFs, load balancers, and enterprise network segmentation.
  • Strong scripting or automation skills (Python, PowerShell, or similar).
  • Deep understanding of subnetting, routing, and network isolation principles.
  • Experience with SaaS security platforms, CASB, or SSE tooling.


Preferred Qualifications and Skills
  • Familiarity with identity-driven security models (SSO, OAuth, API tokens, service principals).
  • Working knowledge of Azure DevOps, Terraform, or infrastructure-as-code workflows.
  • Experience operating in large, complex enterprise environments.
  • Ability to produce high-quality technical documentation and security standards.
  • Strong communication and collaboration skills across technical and non-technical teams.
  • Exposure to AI systems, model-assisted tooling, or developer copilots in an enterprise context.


What's in it for You

When you join CoStar Group, you'll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed.

We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training, and tuition reimbursement.

Our benefits package includes (but is not limited to):
  • Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
  • Life, legal, and supplementary insurance
  • Virtual and in person mental health counseling services for individuals and family
  • Commuter and parking benefits
  • 401(K) retirement plan with matching contributions
  • Employee stock purchase plan
  • Paid time off
  • Tuition reimbursement
  • On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes
  • Access to CoStar Group's Diversity, Equity, & Inclusion Employee Resource Groups
  • Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and other healthy snacks


We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However, please note that CoStar Group is not able to provide visa sponsorship for this position.

#LI-KW1

About CoStar Group

CoStar Group is a provider of information, analytics and marketing services to the commercial property industry in the United States, Canada, the United Kingdom, France, Germany, and Spain. Founded in 1987 by Andrew C. Florance, the company has grown to include online database CoStar and many online marketplaces, including Apartments.com, LoopNet, Lands of America, and BizBuySell. CoStar Group was founded in 1987 by Andrew C. Florance in Washington, D.C. In 1998, the company became a public company via an initial public offering on the NASDAQ, raising $22.5 million. In 2004, CoStar Group, Inc. v. LoopNet, Inc. became a landmark case in copyright law. In October 2009, the company acquired a building in Washington, D.C., now its headquarters, from the Mortgage Bankers Association for $41.3 million. The building had sold 2 years earlier for $79 million and the company claims it used its analytics data to know the right time to buy. In April 2012, CoStar Group acquired LoopNet for $860 million. In April 2014, the company acquired Apartments.com for $585 million. In April 2015, the company acquired Apartment Finder for $170 million. In July, the company acquired Belbex an online marketplace and information provider for commercial property based in Spain. In February 2017, the company acquired Westside Rentals. In February 2018, the company acquired ForRent.com from Dominion Enterprises for $350 million in cash and $35 million in stock. In October, the company acquired Realla.co an online marketplace for commercial property based in the United Kingdom. In November, the company acquired Cozy Services for $68 million.
Learn more about CoStar Group
Size
4,742 employees
Market Cap
$31.3 billion
Industry
Net Income
$227.1 million
Founded
1987
5 Year Trend
+18.3%
Revenue
$1.6 billion
NASDAQ

Similar Jobs

More Jobs at CoStar Group

More Information Technology Jobs

Find similar Sr. Security Engineer jobs: