Compass
Senior Manager, Security Engineering
At Compass, our mission is to help everyone find their place in the world. Founded in 2012, we’re revolutionizing the real estate industry with our end‑to‑end platform that empowers residential real estate agents to deliver exceptional service to seller and buyer clients.
Senior Manager, Platform Security Compass is seeking a Senior Manager, Platform Security to lead and mature our security programs across our AWS cloud infrastructure, application security (AppSec), and product security. This critical leadership role will secure the end‑to‑end technology stack of our core real estate platform, utilized by over 45,000 agents and 1 million consumers. The ideal candidate will balance rapid business growth with a robust security posture in a challenging, resource‑constrained environment.
About The Role As the Senior Manager of Platform Security, you’ll be a key member of the security leadership team, reporting to the CISO. You will define and execute the strategic roadmap for securing our cloud environment and the Compass platform. You will manage and mentor a team of highly senior individual contributors while collaborating with product and engineering teams to embed security seamlessly into the development lifecycle.
Key Responsibilities
Strategic Leadership: Develop and implement a comprehensive security strategy for cloud, application, and product security that aligns with business objectives and key security frameworks like NIST CSF and CIS Controls.
Team Management: Lead and mentor a team of security engineers and architects, fostering a culture of ownership, continuous improvement, and collaboration with the broader Product & Engineering organization.
Cloud Security: Oversee the security of our AWS environment, focusing on implementing “golden path” guardrails, improving visibility, and remediating identified risks. This includes securing our infrastructure, network, and IAM configurations.
Application & Product Security: Drive the maturation of our application security program by integrating security into the CI/CD pipeline, conducting design reviews, and managing the security review backlog. Work closely with product teams to ensure security is a core component of new feature development.
Vulnerability Management: Collaborate with the Offensive Security team to manage and prioritize the remediation of vulnerabilities across the platform and applications.
Cross‑Functional Collaboration: Partner with key stakeholders, including the CTO, SVP of Product & Engineering, and other technical leaders, to ensure security initiatives are well‑understood, prioritized, and delivered. Address and mitigate critical security gaps, such as those related to our recent M&A activities and agent‑facing systems.
AI Security: Demonstrate expertise in applying Artificial Intelligence (AI) and Machine Learning (ML) to Cloud and Application Security. The candidate will understand the AI‑specific threat landscape (e.g., data poisoning, prompt injection) and have hands‑on experience with modern AI‑powered security platforms such as MCP Servers, CNAPP, XDR, and AI‑enhanced SAST/DAST. Lead the organization in developing robust AI security governance frameworks and the secure adoption of AI‑driven technologies.
Metrics & Reporting: Define and track key performance indicators (KPIs) and risk indicators (KRIs) to measure the effectiveness of the security program and provide regular updates to senior leadership and the Audit Committee.
Qualifications
Experience: Minimum of 10 years of experience in information security, with at least 3 years in a leadership role managing cloud and application security teams.
Technical Expertise: Deep understanding of AWS security services and best practices. Experience with application security testing (SAST/DAST), secure development lifecycles, and DevOps security. Familiarity with our security tech stack (e.g., Wiz, Crowdstrike, Okta, AWS, Signal Sciences/Fastly WAF, API Security Gateways) is a plus.
Leadership Skills: Proven ability to lead and motivate a senior, high‑performing team. Excellent communication and interpersonal skills, with the ability to influence and build consensus across technical and business functions.
Strategic Mindset: Strong business acumen and a pragmatic approach to security. Prioritize projects based on risk and business impact, especially in a tight budget and resource‑constrained environment.
Education & Certifications: Bachelor’s degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CSSLP, or AWS Certified Security – Specialty are highly desirable.
Compensation and Benefits Base pay range: $210,000–$245,000 (may vary based on job‑related knowledge, skills, and experience). Bonuses and restricted stock units may be provided as part of the compensation package. Benefits include paid vacation, holidays, sick time, parental leave, recharge leave; medical, tele‑health, dental and vision; 401(k) plan; flexible spending accounts (FSAs); commuter program; life and disability insurance; Maven (support system for new parents); Carrot (fertility benefits); UrbanSitter (caregiver referral network); Employee Assistance Program; and pet insurance. Minimum wage for the position will always be met.
Equal Opportunity Employer As an equal opportunity employer, we offer competitive compensation packages, robust benefits and professional growth opportunities aimed at helping to improve our employees’ lives and careers.
Notice for California Applicants Los Angeles County Fair Chance Notice
#J-18808-Ljbffr
Senior Manager, Platform Security Compass is seeking a Senior Manager, Platform Security to lead and mature our security programs across our AWS cloud infrastructure, application security (AppSec), and product security. This critical leadership role will secure the end‑to‑end technology stack of our core real estate platform, utilized by over 45,000 agents and 1 million consumers. The ideal candidate will balance rapid business growth with a robust security posture in a challenging, resource‑constrained environment.
About The Role As the Senior Manager of Platform Security, you’ll be a key member of the security leadership team, reporting to the CISO. You will define and execute the strategic roadmap for securing our cloud environment and the Compass platform. You will manage and mentor a team of highly senior individual contributors while collaborating with product and engineering teams to embed security seamlessly into the development lifecycle.
Key Responsibilities
Strategic Leadership: Develop and implement a comprehensive security strategy for cloud, application, and product security that aligns with business objectives and key security frameworks like NIST CSF and CIS Controls.
Team Management: Lead and mentor a team of security engineers and architects, fostering a culture of ownership, continuous improvement, and collaboration with the broader Product & Engineering organization.
Cloud Security: Oversee the security of our AWS environment, focusing on implementing “golden path” guardrails, improving visibility, and remediating identified risks. This includes securing our infrastructure, network, and IAM configurations.
Application & Product Security: Drive the maturation of our application security program by integrating security into the CI/CD pipeline, conducting design reviews, and managing the security review backlog. Work closely with product teams to ensure security is a core component of new feature development.
Vulnerability Management: Collaborate with the Offensive Security team to manage and prioritize the remediation of vulnerabilities across the platform and applications.
Cross‑Functional Collaboration: Partner with key stakeholders, including the CTO, SVP of Product & Engineering, and other technical leaders, to ensure security initiatives are well‑understood, prioritized, and delivered. Address and mitigate critical security gaps, such as those related to our recent M&A activities and agent‑facing systems.
AI Security: Demonstrate expertise in applying Artificial Intelligence (AI) and Machine Learning (ML) to Cloud and Application Security. The candidate will understand the AI‑specific threat landscape (e.g., data poisoning, prompt injection) and have hands‑on experience with modern AI‑powered security platforms such as MCP Servers, CNAPP, XDR, and AI‑enhanced SAST/DAST. Lead the organization in developing robust AI security governance frameworks and the secure adoption of AI‑driven technologies.
Metrics & Reporting: Define and track key performance indicators (KPIs) and risk indicators (KRIs) to measure the effectiveness of the security program and provide regular updates to senior leadership and the Audit Committee.
Qualifications
Experience: Minimum of 10 years of experience in information security, with at least 3 years in a leadership role managing cloud and application security teams.
Technical Expertise: Deep understanding of AWS security services and best practices. Experience with application security testing (SAST/DAST), secure development lifecycles, and DevOps security. Familiarity with our security tech stack (e.g., Wiz, Crowdstrike, Okta, AWS, Signal Sciences/Fastly WAF, API Security Gateways) is a plus.
Leadership Skills: Proven ability to lead and motivate a senior, high‑performing team. Excellent communication and interpersonal skills, with the ability to influence and build consensus across technical and business functions.
Strategic Mindset: Strong business acumen and a pragmatic approach to security. Prioritize projects based on risk and business impact, especially in a tight budget and resource‑constrained environment.
Education & Certifications: Bachelor’s degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CSSLP, or AWS Certified Security – Specialty are highly desirable.
Compensation and Benefits Base pay range: $210,000–$245,000 (may vary based on job‑related knowledge, skills, and experience). Bonuses and restricted stock units may be provided as part of the compensation package. Benefits include paid vacation, holidays, sick time, parental leave, recharge leave; medical, tele‑health, dental and vision; 401(k) plan; flexible spending accounts (FSAs); commuter program; life and disability insurance; Maven (support system for new parents); Carrot (fertility benefits); UrbanSitter (caregiver referral network); Employee Assistance Program; and pet insurance. Minimum wage for the position will always be met.
Equal Opportunity Employer As an equal opportunity employer, we offer competitive compensation packages, robust benefits and professional growth opportunities aimed at helping to improve our employees’ lives and careers.
Notice for California Applicants Los Angeles County Fair Chance Notice
#J-18808-Ljbffr