Talent.com
Senior SaaS Security Engineer
Senior SaaS Security EngineerCoStar Group • Arlington, Texas, USA
Senior SaaS Security Engineer

Senior SaaS Security Engineer

CoStar Group • Arlington, Texas, USA
22 days ago
Job type
  • Full-time
Job description

Senior SaaS Security Engineer

Job Description

Overview

CoStar Group (NASDAQ : CSGP) is a leading global provider of commercial and residential real estate information analytics and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100 CoStar Group is on a mission to digitize the worlds real estate empowering all people to discover properties insights and connections that improve their businesses and lives.

We have been living and breathing the world of real estate information and online marketplaces for over 35 years giving us the perspective to create truly unique and valuable offerings to our customers. Weve continually refined transformed and perfected our approach to our business creating a language that has become standard in our industry for our customers and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers our employees and investors. By equipping the brightest minds with the best resources available we provide an invaluable edge in real estate.

Were hiring a Senior SaaS Security Engineer to help us evolve our corporate environment to enable our mission and help build a strong practice in SaaS Application Security.

This position is located in Richmond or Arlington VA and is in office Monday through Thursday and work from home on Friday.

Responsibilities

Program & Strategy

  • Build the enterprise SaaS Security program : charter operating model RACI roadmap control framework mapping to ISO 27001 and KPIs.
  • Stand up a single source of truth for SaaS inventory (shadow IT included) integrating procurement SSO / IDP network / DNS / forward proxy CASB / SSE SSPM and expense data.
  • Define SaaS risk tiering and baseline control requirements by data classification and business criticality.

Architecture & Engineering

  • Implement and operationalize SSPM and extend existing capabilities in CASB / SSE : continuous posture assessment misconfiguration detection and auto-remediation pipelines.
  • Engineer governed OAuth / consent patterns across IDP and key platforms (e.g. Salesforce Microsoft 365 / Entra ID Workday Atlassian and Others) :
  • Enterprise app catalogs pre-approved scopes just-in-time reviews least privilege scopes refresh token hygiene IP / session restrictions device trust signals token revocation patterns.
  • Define and enforce SSO / MFA mandates SCIM provisioning tenant segmentation conditional access DLP for SaaS and API logging / telemetry standards.
  • Establish secure configuration baselines and policy-as-code (e.g. Terraform / OPA / CLI automations) for major SaaS platforms.

    • Detection & Response

  • Integrate SaaS signals (SSPM / CASB platform event logs like Salesforce Event Monitoring M365 Okta / Entra) into SIEM / SOAR with detection content for OAuth abuse anomalous consent data exfiltration Admin drift and risky API usage.
  • Author and exercise SaaS IR playbooks : token theft response consent rollback key rotation scope reduction app quarantine containment & comms forensics & lessons learned.

    • Governance Risk & Compliance Partnership

  • Codify SaaS security standards and exception management with GRC; embed control checks into procurement / vendor risk and IT change processes.
  • Align to SOX ITGC privacy (e.g. GDPR / CCPA) regulatory audits and customer assurance (SOC 2 / ISO) evidence.

    • Enablement & Change Management

  • Drive business adoption : curated enterprise app catalog secure patterns training for Admins and app owners and migration plans for risky patterns.
  • Publish dashboards and metrics for leadership (coverage high-risk apps misconfig posture incident MTTR consent trends).

    • Basic Qualifications

  • Bachelors Degree required from an accredited not for profit university or college.
  • A track record of commitment to prior employers
  • 8 years in security with 3 years specializing in SaaS security across large enterprises (5k employees).
  • Deep expertise in OAuth 2.0 / OIDC SAML SCIM JWT / PKCE token hygiene / rotation consent governance and least-privilege scopes.
  • Hands-on with one or more major SaaS ecosystems at scale : Salesforce (Connected Apps Shield Event Monitoring) Microsoft 365 / Entra ID Google Workspace ServiceNow Workday Slack Atlassian.
  • Operationalizing SSPM and / or CASB / SSE; integrating IDP signals into SIEM / SOAR; building detections and automations.
  • Strong grasp of NIST 800-53 / CSF ISO 27001 CIS Controls v8 CSA CCM and mapping to SaaS controls.
  • Incident response experience for SaaS / OAuth / token compromise scenarios.
  • Scripting / automation (e.g. Python PowerShell or Node) and IaC / policy-as-code experience.

    • Preferred Qualifications and Skills

  • Prior leadership of a SaaS / OAuth security initiative from zero-to-one in a complex enterprise.
  • Experience with DLP data classification eDiscovery / legal hold in SaaS.
  • Familiarity with SOX ITGC and privacy-by-design in SaaS workflows.
  • Certifications : CISSP CCSP CCSK vendor accreditations (e.g. Salesforce Security & Privacy AP Okta / Entra certs).
  • Evidence of thought leadership (runbooks talks open-source / policy-as-code contributions).

    • Whats in it for You

    When you join CoStar Group youll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed.

    We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training and tuition reimbursement.

    Our benefits package includes (but is not limited to) :

  • Comprehensive healthcare coverage : Medical / Vision / Dental / Prescription Drug
  • Life legal and supplementary insurance
  • Virtual and in person mental health counseling services for individuals and family
  • Commuter and parking benefits
  • 401(K) retirement plan with matching contributions
  • Employee stock purchase plan
  • Paid time off
  • Tuition reimbursement
  • On-site fitness center and / or reimbursed fitness center membership costs (location dependent) with yoga studio Pelotons personal training group exercise classes
  • Access to CoStar Groups Diversity Equity & Inclusion Employee Resource Groups
  • Complimentary gourmet coffee tea hot chocolate fresh fruit and other healthy snacks

    • We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However please note that CoStar Group is not able to provide visa sponsorship for this position.

    #LI-DB3

    CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

    Required Experience :

    Senior IC

    Key Skills

    Car Driving,Access,CFA,Excel,Irrigation,Marine Services

    Employment Type : Full-Time

    Experience : years

    Vacancy : 1

    Create a job alert for this search

    Senior Security Engineer • Arlington, Texas, USA

    Related jobs
    Sr Security Engineer

    Sr Security Engineer

    Michaels Stores • Irving, TX, United States
    Full-time +1
    As a Sr Security Engineer, you will work on complex technical security solutions across multiple technology stacks.You work closely with development, DevOps, and infrastructure team members to buil...Show more
    Last updated: 5 days ago • Promoted
    Senior Staff Application Security Engineer

    Senior Staff Application Security Engineer

    Starcom Mediavest Group Germany Gmbh • Irving, TX, United States
    Full-time
    You will help to ensure the secure delivery of Epsilon's software applications by designing and implementing secure coding practices, conducting advanced security testing through application securi...Show more
    Last updated: 3 days ago • Promoted
    Senior Engineer - Information Security

    Senior Engineer - Information Security

    Varite • Irving, TX, United States
    Full-time
    Monday, Wednesday and Thursday onsite Tuesday and Friday Remote.We are seeking an experienced Senior Vulnerability Management Engineer to support the organization's vulnerability management program...Show more
    Last updated: 17 days ago • Promoted
    Security Engineer

    Security Engineer

    Bilt • Grapevine, TX, United States
    Full-time
    BILT - Global Brand Support Center, Grapevine, Texas 76051.BILT Incorporated is a fast-growing software-as-a-service company revolutionizing instructions and training for consumers and professional...Show more
    Last updated: 30+ days ago • Promoted
    Application Security Engineer with SAST & DAST

    Application Security Engineer with SAST & DAST

    Syntricate Technologies • Irving, TX, United States
    Full-time
    Application Security Engineer with SAST & DAST.Dallas, TX or Tampa, FL or Jersey City, NJ.Security Engineer with DAST & SAST experience with scripting knowledge (JS, Python).Conducting Static Appli...Show more
    Last updated: 30+ days ago • Promoted
    Cloud Security Architect Senior Engineer

    Cloud Security Architect Senior Engineer

    Citigroup Inc • Irving, TX, United States
    Full-time
    Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and...Show more
    Last updated: 30+ days ago • Promoted
    Lead Application Security Engineer

    Lead Application Security Engineer

    Saxon Global • Irving, TX, United States
    Full-time
    Minimum of 5+ years of experience in Information Security or a related role encompassing security compliance, penetration testing, vulnerability management, and / or static code analysis.Prior experi...Show more
    Last updated: 4 days ago • Promoted
    Sr Security Engineer, Detection Engineering

    Sr Security Engineer, Detection Engineering

    Lennar Homes • Irving, TX, United States
    Full-time
    Sr Security Engineer, Detection Engineering We are Lennar Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeow...Show more
    Last updated: 3 days ago • Promoted
    Security Engineer I

    Security Engineer I

    Kubota • Grapevine, TX, United States
    Full-time
    Applicants must live within the Dallas / Ft.Applicants must be authorized to work for any employer in the U.We are unable to sponsor or take over sponsorship of an employment Visa at this time.BASIC ...Show more
    Last updated: 5 days ago • Promoted
    Senior Engineer - Information Security

    Senior Engineer - Information Security

    On-Board Companies • Irving, TX, United States
    Full-time
    Senior Engineer - Information Security.For immediate consideration please send your resume to resumes@onboardusa.Subject Line : Position Title and State you are Located. On-Board Services, Incorporat...Show more
    Last updated: 17 days ago • Promoted
    Senior Data Security Solution Engineer

    Senior Data Security Solution Engineer

    Microsoft Corporation • Irving, TX, United States
    Full-time
    OverviewAre you insatiably curious and do you lean into uncertainty, take risks, and learn quickly from? Are you passionate about data security?Are you ready to join the team that is at the leading...Show more
    Last updated: 17 days ago • Promoted
    Sr. Cybersecurity Engineer

    Sr. Cybersecurity Engineer

    NewRez LLC • Coppell, TX, United States
    Full-time
    Exceed the expectations of our residential mortgage borrowers & business partners through superior service, simple processes, and effective communications. We deliver on this mission by empowering o...Show more
    Last updated: 17 days ago • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Apex Informatics • Irving, TX, United States
    Temporary
    Cyber Security Engineer with Checkmarx(Mandatory).Locations : AZ, CA, MN, NC, NY, NJ & TX (Hybrid), (3 days onsite / 2 WFH). Provide hands on technical support for Checkmarx and Checkmarx ONE platform....Show more
    Last updated: 14 days ago • Promoted
    Security Engineer

    Security Engineer

    Gartner • Irving, TX, United States
    Full-time
    We are seeking an experienced Security Engineer specializing in Privileged Access Management (PAM) to join our Identity Management team. In this mission-critical role, you will implement and maintai...Show more
    Last updated: 27 days ago • Promoted
    Senior Staff Application Security Engineer

    Senior Staff Application Security Engineer

    Publicis Groupe Holdings B.V • Irving, TX, United States
    Full-time
    You will help to ensure the secure delivery of Epsilon's software applications by designing and implementing secure coding practices, conducting advanced security testing through application securi...Show more
    Last updated: 30+ days ago • Promoted
    Sr Security Engineer, Detection Engineering

    Sr Security Engineer, Detection Engineering

    Lennar • Irving, TX, United States
    Full-time
    Sr Security Engineer, Detection Engineering.Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communit...Show more
    Last updated: 16 days ago • Promoted
    Lead Application Security Engineer / Veracode / CheckMarx

    Lead Application Security Engineer / Veracode / CheckMarx

    ShiftCode Analytics • Irving, TX, United States
    Full-time
    We need A Senior (10+ years) Lead Application security engineer with excellent experience working with Varacode and CheckMarx along with other security tools. Leader with hands-on engineer with cros...Show more
    Last updated: 3 days ago • Promoted
    Application Security Engineer

    Application Security Engineer

    Charles Schwab • Southlake, TX, United States
    Full-time
    At Schwab, you're empowered to make an impact on your career.Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry togeth...Show more
    Last updated: 25 days ago • Promoted