Edge Security Engineer

About The Position

Requirements

• Bachelor’s Degree required from an accredited, not for profit, in person university or college.
• A track record of commitment to prior employers.
• 4+ years of experience in edge security, web application security, or managing CDN security platforms such as Akamai, Cloudflare, Imperva, DataDome, Fastly, AWS WAF, or similar technologies for high-traffic web properties. Equivalent depth in another security domain with significant CDN exposure is also considered.
• Hands-on experience with WAF policy tuning, bot management, and rate limiting on a major CDN platform.
• Familiarity with OWASP Top 10, API security best practices, and traffic analysis.
• Ability to collaborate across Product, Security, DevOps, Legal, and development teams.
• Demonstrated ability to author scripts or automation in Python, JavaScript, or similar languages.
• Experience with dashboards and log analysis tools such as Akamai WSA, OpenSearch, or Athena.
• Strong written and verbal communication skills with both technical and non-technical audiences.

Nice To Haves

• Hands-on experience across the Akamai security suite, including Kona Site Defender, Bot Manager, Client Reputation, and Site Shield.
• Experience designing and tuning bot detection across multiple signal types, including device fingerprinting, behavioral analysis, residential proxy detection, and machine learning scoring models.
• Familiarity with threat intelligence sources and using indicators (IPs, ASNs, fingerprints) to inform edge security policies.
• Experience leading or supporting security incidents at the edge, including DDoS mitigation, scraping events, or active exploitation of web applications.
• Scripting and Infrastructure as code proficiency (Python, Terraform, Ansible, etc.) for automation and reporting.
• Understanding how edge security integrates with origin infrastructure across public and private clouds.
• Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS).

Responsibilities

• Lead CDN Security strategy and operations across CoStar's 50+ high-traffic web properties, including Akamai Kona policy design, tuning to minimize false positives, and protection against OWASP, DDoS, and emerging threat patterns.
• Drive bot management and anti-scraping across the portfolio. This means policy design, score tuning, and digging into how scrapers are actually getting through, including residential proxy abuse and low-and-slow patterns.
• Analyze edge traffic patterns to detect anomalies and respond to security incidents.
• Support secure deployment and scaling of edge security controls across cloud and CDN environments.
• Provide edge security across 50+ high traffic websites, spanning distinct web tech stacks and threat profiles.

Benefits

• Generous compensation and performance-based incentives.
• Internal training, and tuition reimbursement.
• Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug
• Life, legal, and supplementary insurance
• Virtual and in person mental health counseling services for individuals and family
• Commuter and parking benefits
• 401(K) retirement plan with matching contributions
• Employee stock purchase plan
• Paid time off
• Tuition reimbursement
• On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes
• Access to CoStar Group’s Employee Resource Groups
• Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and other healthy snacks