0 suggestions are available, use up and down arrow to navigate them
What job do you want?

Identity & Access Management (IAM) Engineer job in Washington at CoStar Group

Create Job Alert.

Get similar jobs sent to your email

List of Jobs

Apply to this job.
Think you're the perfect candidate?
Identity & Access Management (IAM) Engineer at CoStar Group

Identity & Access Management (IAM) Engineer

CoStar Group Washington, DC Full-Time
Identity & Access Management (IAM) Engineer

Job Description

Identity and Access Management (IAM) Engineer


CoStar delivers real-time, verified commercial real estate data that helps clients confidently spot great opportunities and make smart choices ahead of competitors. By combining the power of CoStar’s independent research organization – the industry’s largest – with global data delivery, software, and application solutions, clients can act on opportunities with confidence.


We are looking for an experienced IAM engineer to join our Identity and Access Management team. This individual will work with their team members to enhance the security of our corporate environment by developing processes and implementing technology around user identity and access management and zero-trust methodologies.

Securely connect 5000 employees to all corporate resources, and connect 800 technology developers and engineers to resources across AWS, Azure, GCP, and an 8000 VMware IaaS infrastructure, all through a zero trust framework.

Opportunity to work in an advanced security operation that is responsible for securing the data and products behind 35 websites serving 75M global visitors/mo, running on top of multiple private and public clouds.

This position has the opportunity for hybrid work with up to two days remote per week. Four-day work weeks are also an option for those applicants that are interested.


Be a subject matter expert for identity provisioning and security
Create complex scripts, functions and modules using PowerShell and Python
Implement, execute, and support critical IAM processes, including overall identity management, access management, provisioning/de-provisioning, user onboarding/offboarding, and access certifications/review
Work with internal stakeholders to configure internal applications for use with Ping and Azure AD SSO
Support PingIdentity solutions for SSO, MFA, and federation (PingOne, PingID, and PingFederate)
Support Azure identity solutions for SSO, MFA, and federation
Manage zero-trust remote access tools
Troubleshoot domain controller issues such as high CPU, replication and object issues
Troubleshoot MFA and Single-Sign on issues with Duo, Ping, Azure AD
Identify potential threats, exploit attempts and other security events related to IAM. Make recommendations and/or take action to mitigate these issues as appropriate. Actively contribute to and participate in security incident response as needed.
Work with the Security Team to remediate critical security findings as they relate to identity
Identify and implement opportunities for technology, automation, and security enhancements for IAM functions


Bachelor's Degree
5+ years experience in a technical role such as security, network, systems, or software engineer with at least 3 years focused on IAM.
3+ years of experience engineering IAM solutions in AWS, Azure, or a large scale IDP implementation (Okta, Ping, AzureAD, etc)
3+ years of experience working with SIEM and advanced logging/correlation tools.
Experience with CyberArk or AzureAD
2+ years writing PowerShell or Python scripts from scratch


Strong knowledge of modern authentication standards, protocols, and frameworks: LDAP, SAML, OAUTH2, OIDC, FIDO2, Kerberos, SCIM, WS-Federation, JWT.
Strong knowledge of SSO integration for SaaS-based and private applications using PingOne, PingFederate, Azure AD, Okta, OneLogin or similar products.
Strong knowledge of MFA integration into the authentication, authorization, and SSO process for applications and systems.
Knowledge of IAM governance tools such as SailPoint, Saviynt, and Azure Active Directory.
Understanding of common security concerns within a typical application (password hashing, SSL/TLS, encrypting at rest and in transit, etc.)
Understanding of common IAM security defense tools and methodologies, such as Bloodhound, Mimikatz, Password Spray, rainbow tables, cryptography, etc.
Understanding of LDAP directory architecture and products such as Active Directory, OpenLDAP, and Radiant Logic.
Understanding of identity governance concepts and best practices.
Understanding of IAM modeling and implementation for "Big Three" cloud providers: AWS, Azure, GCP
Understanding of HashiCorp Terraform language for deployment of resources into cloud providers.
Demonstrated experience automating common operational tasks, web service/API integration, and deployment activities in scripting/programming languages (e.g. PowerShell, Python, Perl, etc.)
Familiarity with PAM tools (CyberArk, SecretServer, BeyondTrust, Hashcorp Vault, etc.) for credential escrow, vaulting, and retrieval.
Able to investigate identity related security incidents with cross a functional team of security engineers


Founded in 1987, CoStar Group is the leading provider of commercial real estate information, analytics, and online marketplaces. Our suite of online services enables clients to analyze, interpret and gain unmatched insight on commercial property values, market conditions and current availability. Behind some of the most well-known brands in the industry, CoStar Group includes CoStar, the largest provider of CRE research and real-time data; LoopNet, the most heavily trafficked mobile and online real estate marketplace;, the premier rental home resource for renters, property managers and owners; STR, the leading provider of performance benchmarking and comparative analytics to the hotel industry; BizBuySell, the largest online marketplace for businesses-for-sales; and Lands of America, the leading operator of online marketplaces for rural real estate.

Headquartered in Washington, DC, CoStar Group maintains offices throughout the U.S. and in Europe, Canada, and Asia with a staff of over 4,300 worldwide.


Working at CoStar Group means you'll enjoy a culture of collaboration and innovation that attracts the best and brightest across a broad range of disciplines. In addition to generous compensation and performance-based incentives, you'll be supported in both your professional and academic growth with internal training, tuition reimbursement, and an inter-office exchange program.

Our benefits package includes (but is not limited to):

Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
Life, legal, and supplementary insurance
Commuter and parking benefits
401(K) retirement plan with matching contributions
Employee stock purchase plan
Paid time off
Tuition reimbursement
On-site fitness center and/or reimbursed fitness center membership costs (location dependent),
Complimentary gourmet coffee, tea, hot chocolate, prepared foods, fresh fruit, and other healthy snacks

Be part of a team of professionals enjoying the opportunity to learn, do, and grow in a rewarding atmosphere. But don't just take our word for it - see why our team chose to work at and stay at CoStar Group:


Recommended Skills

  • Api
  • Active Directory Group
  • Architecture
  • Automation
  • Cryptography
  • Cyberark
Apply to this job.
Think you're the perfect candidate?

Job ID: 2ecc86ce189d95b0