The Team CBRE Global Cyber Security Office - The Global CSO's mission is to mitigate cyber security risk by actively working with the CBRE business, Digital & Technology and other partner organizations (Compliance, Risk Mgmt., Audit, & Legal) to seamlessly integrate security processes, tools, and people into the business culture providing a holistic security ecosystem, driving continuous improvements and seamless protection / monitoring capabilities globally.
We are working to build a progressive development team with a mindset toward being agile and solving problems iteratively. Being in a senior position at the start of this team, we would want you to help shape the direction of the team moving forward.
You do not have to have experience in all skills listed to be qualified for the position. If you have years' worth of relevant similar experience we still want to talk to you.
Installing, configuring, and administrating technologies for the Security Pipeline including SAST, DAST, IAST, SCA, secret scanning, etc...
Building automation and governance around organization secrets management
Developing with modern frameworks such as Ruby on Rails, and Vue.js
Collecting metrics from DevSecOps tools and implementing appsec log ingestion at scale using tools such as ELK, Sensu, Influx, or Prometheus
Collaborate with internal security team members, and development teams across the globe to automate security tooling and processes to reduce the organization's security risk, while allowing teams to stay agile, and focused on their respective areas
Learning and espousing secure coding practices to developers from all over the world
Experience with conceptualization and implementation of a Security Champions program
Have well founded opinions and be willing to express your disagreement when something doesn't pass the 'smell test' for you.
Required Knowledge and Skills:
4-5 yrs. of Linux systems administrator experience or equivalent skills.
3-5 yrs. of experience or equivalent skills with DevOps or CICD pipelines (Jenkins, Concourse, etc.).
Strong experience with automating multiple systems.
Databases such as Postgres, MySQL, and MS SQL Server.
Source control with Git, and codehosts such as Github, Gitlab, etc.
Experience or understanding of Infrastructure as Code (Terraform, CloudFormation, etc.), and configuration management tools such as Chef, Ansible, or SaltStack.
Experience with two or more clouds. At least one of which must be AWS, or Azure.
Development frameworks in multiple languages such as Django, Angular, React, React Native, etc.
Containerization with Docker, and related orchestration tools such as Kubernetes, Nomad, etc.
Security focused mindset, in addition to experience with security-oriented tooling, threat modeling, etc.
Bachelor's degree (BA/BS) in a related field of work or equivalent work experience.
Desirable Knowledge and Skills:
Experience with the Microsoft ecosystem is a plus
Directory services like AD, and LDAP
Experience with ServiceNow's REST API
Internal Number: 19014950
With broader and deeper capabilities than any other company, CBRE is the leading full-service real estate services and investment organization in the world.
CBRE Group, Inc. is the world’s largest commercial real estate services and investment firm, with 2017 revenues of $14.2 billion and more than 80,000 employees (excluding affiliate offices). CBRE has been included in the Fortune 500 since 2008, ranking #214 in 2017. It also has been voted the industry’s top brand by the Lipsey Company for 17 consecutive years, and has been named one of Fortune’s “Most Admired Companies” in the real estate sector for six years in a row. Its shares trade on the New York Stock Exchange under the symbol “CBRE.”
CBRE offers a broad range of integrated services, including facilities, transaction and project management; property management; investment management; appraisal and valuation; property leasing; strategic consulting; property sales; mortgage services and development services.