Senior SaaS Security Engineer - CoStar - Arlington, VA

Senior SaaS Security Engineer

Job Description

Overview

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world’s real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives.

We have been living and breathing the world of real estate information and online marketplaces for over 35 years, giving us the perspective to create truly unique and valuable offerings to our customers. We’ve continually refined, transformed and perfected our approach to our business, creating a language that has become standard in our industry, for our customers, and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers, our employees, and investors. By equipping the brightest minds with the best resources available, we provide an invaluable edge in real estate.

We’re hiring a Senior SaaS Security Engineer to help us evolve our corporate environment to enable our mission and help build a strong practice in SaaS Application Security.

This position is located in Richmond or Arlington, VA, and is in office Monday through Thursday and work from home on Friday.

Responsibilities

Program & Strategy

* Build the enterprise SaaS Security program: charter, operating model, RACI, roadmap, control framework mapping to ISO 27001, and KPIs.
* Stand up a single source of truth for SaaS inventory (shadow IT included), integrating procurement, SSO/IDP, network/DNS/forward proxy, CASB/SSE, SSPM, and expense data.
* Define SaaS risk tiering and baseline control requirements by data classification and business criticality.

Architecture & Engineering

* Implement and operationalize SSPM and extend existing capabilities in CASB/SSE: continuous