Software Security Engineer
LoopNet.com is the largest Commercial Real Estate marketing platform that connects Real Estate professionals around the country.
A Software Security Engineer is responsible for software design review, static code analysis, and implements toolset from a security perspective, identify and resolve security issues.
Perform automated penetration testing, and security assessments (SAST and DAST) at each phase of the software development lifecycle, to result in robust and reliable software.
Identify malicious users and create countermeasure strategy by capturing system analytics and detect security threat with machine learning algorithms
Perform reactive incident response when a security event occurs; engineer will maintain a vulnerability/remediation tracking database and produce monthly Security Assessment Report to accurately reflect the statistics and current status of the environments
Work with development teams to prioritize and remediate identified security vulnerabilities
Scale our infrastructure (on/off premise) to support our growing ecosystem
Improve system performance, reliability and maintainability
Adhere to industry standard security best practices
Write automation, monitoring, diagnostic and debugging tools
Bachelor's degree in Computer Science, a related technical field involving systems engineering.
Strong understanding of cryptographic algorithms, encryption schemes, authentication protocols (ie OAuth2, SAML, etc) and familiar with security compliance requirements such as PCI DSS
Must be familiar with known attack schemes such as Buffer Overflows, Distributed Denial of Service (DDoS), Cross-Site Scripting (XSS), SQL Injection, and Request Forgery
Candidate must be self-motivated, systematic problem-solving, great communicator, have a sense of ownership and drive
Experience with windows, Unix/Linux operating systems internals and administration (e.g., filesystems, system rpc calls, etc) or networking (e.g., TCP/IP, routing, network topologies and hardware, SDN, etc.).
Expertise in analyzing, troubleshooting, and make correction on large-scale distributed systems.
Experience in one or more of the following: Cloud platforms AWS/ GCP, Docker, Python, Serverless
Ability to debug, profiling, optimize code and to automate routine tasks.
System load testing and baseline measurement
CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing
Cross Site Scripting (Xss)
Amazon Web Services