Senior Application Security Engineer

Sydney - Australia

Monthly Salary: Not Disclosed

Posted on: 3 days ago

Vacancies: 1 Vacancy

Job Summary

Senior Application Security Engineer

Job Description

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information analytics and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100 CoStar Group is on a mission to digitize the worlds real estate empowering all people to discover properties insights and connections that improve their businesses and lives.

We have been living and breathing the world of real estate information and online marketplaces for over 35 years giving us the perspective to create truly unique and valuable offerings to our customers. Weve continually refined transformed and perfected our approach to our business creating a language that has become standard in our industry for our customers and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers our employees and investors. By equipping the brightest minds with the best resources available we provide an invaluable edge in real estate.

Domain is a leading property technology and services marketplace that is home to one of the largest portfolios of property brands in Australia including the Domain Allhomes and Commercial Real Estate (CRE) 2025 Domain became part of CoStar Group (NASDAQ: CSGP) a global leader in commercial real estate information analytics online marketplaces and 3D digital twin technology. Together Domain and CoStar Group is dedicated to digitising the worlds real estate empowering all people to discover properties insights and connections that improve their businesses and lives.

A great opportunity for a Senior Application Security Engineer play a pivotal role in enhancing our Application Security (AppSec) practices ensuring that security is embedded throughout the software development lifecycle.

You are a seasoned expert who not only possesses deep technical knowledge but also excels at building relationships and collaborating across teams. Reporting to the Group Engineering Manager - Product Security you will be instrumental in embedding security throughout the software development lifecycle working directly with our development teams to guide and advise them on best practices. A key part of the role will be to drive the implementation and adoption of some of the initiatives from our Application Security Framework. You will also provide crucial support to our Governance Risk & Compliance (GRC) and Security Operations teams ensuring our posture is resilient compliant and ready to respond to threats.

Responsibilities:

Proactively embedding security into the software development lifecycle by conducting implementation reviews of solution designs and leading threatmodellingsessions.
Lead efforts to integrate security into DevOps processes promoting a culture of security awareness and ownership.
Performing hands-on security code reviews and acting as a key security advisor to development teams providing guidance on addressing vulnerabilities and best practices.
Managing andoperatingour security tools including those that are integrated into the CI/CD pipeline.
Partnering with the Governance Risk & Compliance (GRC)and Security Operations teams to ensure adherence to relevant regulations and industry standards and collaborating and supporting the investigation and response to security incidents.

Experience and Education:

Essential

Minimum education of a bachelors degree in relevant information and technology fields
5 years in a Product/Application Security orDevSecOpsrole.
Strong knowledge of DevOps principles and practices as well as security best practices.
Strong problem-solving and communication skills.
Collaborative and teamwork-oriented mindset.
Proficiencyin scripting and automation (e.g. Java C/C C# Python JavaScript PowerShell)
Experience with container security (Docker ECS Kubernetes) and cloud security (AWS Azure or GCP).

Preferred

Tertiary qualifications in Computer Science Software EngineeringCybersecurityor a related field.
Relevant certifications (e.g. AWS Certified Security - Speciality GPEN OSCP OSCE) are highly desirable.
Extensive experience and strong understanding of AWS services and cloud security controls including but not limited to IAM KMS VPC Security Groups AWS Inspector GuardDutyand SCPs.

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

Required Experience:

Senior IC

Senior Application Security EngineerJob DescriptionCoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information analytics and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100 CoStar Group is on a mission to digitize the worlds re...

Senior Application Security Engineer

Job Description

Responsibilities:

Proactively embedding security into the software development lifecycle by conducting implementation reviews of solution designs and leading threatmodellingsessions.
Lead efforts to integrate security into DevOps processes promoting a culture of security awareness and ownership.
Performing hands-on security code reviews and acting as a key security advisor to development teams providing guidance on addressing vulnerabilities and best practices.
Managing andoperatingour security tools including those that are integrated into the CI/CD pipeline.
Partnering with the Governance Risk & Compliance (GRC)and Security Operations teams to ensure adherence to relevant regulations and industry standards and collaborating and supporting the investigation and response to security incidents.

Experience and Education:

Essential

Minimum education of a bachelors degree in relevant information and technology fields
5 years in a Product/Application Security orDevSecOpsrole.
Strong knowledge of DevOps principles and practices as well as security best practices.
Strong problem-solving and communication skills.
Collaborative and teamwork-oriented mindset.
Proficiencyin scripting and automation (e.g. Java C/C C# Python JavaScript PowerShell)
Experience with container security (Docker ECS Kubernetes) and cloud security (AWS Azure or GCP).

Preferred

Tertiary qualifications in Computer Science Software EngineeringCybersecurityor a related field.
Relevant certifications (e.g. AWS Certified Security - Speciality GPEN OSCP OSCE) are highly desirable.
Extensive experience and strong understanding of AWS services and cloud security controls including but not limited to IAM KMS VPC Security Groups AWS Inspector GuardDutyand SCPs.

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

Required Experience:

Senior IC