CI/CD Security Engineer
CI/CD Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Description
Overview
CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information analytics and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100 CoStar Group is on a mission to digitize the worlds real estate empowering all people to discover properties insights and connections that improve their businesses and lives.
We have been living and breathing the world of real estate information and online marketplaces for over 35 years giving us the perspective to create truly unique and valuable offerings to our customers. Weve continually refined transformed and perfected our approach to our business creating a language that has become standard in our industry for our customers and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers our employees and investors. By equipping the brightest minds with the best resources available we provide an invaluable edge in real estate.
Our Product Security team is seeking aCI/CD Security Engineerto take ownership of critical systems that underpin our software development lifecycle. This role is ideal for someone with a DevOps mindset and a passion for secure engineering practices. Youll be responsible for managing and securing platforms such asAzure DevOpsGitHub Enterprise andHashiCorp Vault ensuring they are resilient compliant and aligned with security best practices.
This position bridges the gap between cybersecurity and DevOps offering a unique opportunity to lead systemic improvements in how code repositories build pipelines and secrets vaults are governed. Youll collaborate closely with development and operations teams to identify risks and implement sustainable solutions.
This position is located in Arlington VA and is in office Monday through Thursday and work from home on Friday.
Responsibilities
- Own and secure CI/CD platforms including Azure DevOps GitHub Enterprise and HashiCorp Vault including RBAC branch policies mandatory security checks and secrets management.
- Identify and remediate systemic risks in build pipelines code repositories and secrets management.
- Roll out and tune GHAS/CodeQL/Dependabot or equivalents; drive org-wide adoption with minimal developer friction.
- Partner with DevOps contributors to improve tooling and workflows without disrupting release velocity.
- Develop and maintain security controls automation scripts and monitoring systems for CI/CD environments.
- Advocate for secure-by-design principles across the software delivery lifecycle.
- Document processes and provide guidance to cross-functional teams on secure CI/CD practices.
- Build monitoring and detections for CI/CD abuse; create incident playbooks and break-glass procedures.
- Govern secrets for human and non-human identities with HashiCorp Vault (namespaces policies auth backends dynamic secrets rotation audit).
- Deliver guardrails as code (Terraform policy-as-code) and document secure paved-road patterns in reusable modules.
Basic Qualifications
- Bachelors Degree required from an accredited not for profit university or college.
- 5 years in Security or DevOps roles with 2 years administering CI/CD at a large enterprise scale.
- A track record of delivering long-term impact to prior employers.
- Proven experience with CI/CD platforms and DevOps tools (e.g. Azure DevOps GitLab GitHub Enterprise Jenkins Vault).
- Experience at a large enterprise scale implementing security controls for CI/CD workloads including:
- CODEOWNERS
- Cleartext secret detection and prevention.
- Artifact integrity and supply chain security.
- Short-lived credentials to enforce least privilege.
- Security relevant audit logging to support incident response.
- Strong understanding of software development workflows and release engineering.
- Familiarity with infrastructure-as-code containerization and cloud-native security.
- Ability to communicate effectively with both cybersecurity and engineering teams.
- A collaborative spirit and respect for shared ownership models in DevOps environments.
Preferred Qualifications and Skills
- Organization-wide rollout of GitHub Advanced Security (secret scanning CodeQL Dependabot) or equivalent in Azure DevOps GitLab or similar.
- Hands-on with OIDC/JWT workload identity from CI to cloud (AWS/Azure/GCP) and least-privilege IAM design.
- Familiarity with NIST SSDF SLSA and CNCF supply-chain projects; policy-as-code (OPA/Conftest) for SDLC gates.
- Experience building detections for CI/CD abuse and integrating provider audit logs into SIEM.
- Container supply-chain security (base image curation registry controls image scanning admission policies).
Whats in it for You
When you join CoStar Group youll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed.
We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training and tuition reimbursement.
Our benefits package includes (but is not limited to):
- Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
- Life legal and supplementary insurance
- Virtual and in person mental health counseling services for individuals and family
- Commuter and parking benefits
- 401(K) retirement plan with matching contributions
- Employee stock purchase plan
- Paid time off
- Tuition reimbursement
- On-site fitness center and/or reimbursed fitness center membership costs (location dependent) with yoga studio Pelotons personal training group exercise classes
- Access to CoStar Groups Diversity Equity & Inclusion Employee Resource Groups
- Complimentary gourmet coffee tea hot chocolate fresh fruit and other healthy snacks
We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However please note that CoStar Group is not able to provide visa sponsorship for this position.
#LI-AR
CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing
Employment Type
Full-Time
