Senior Manager, Security Engineering

At Compass, our mission is to help everyone find their place in the world. Founded in 2012, we’re revolutionizing the real estate industry with our end-to-end platform that empowers residential real estate agents to deliver exceptional service to seller and buyer clients.

Senior Manager, Platform Security

Compass is seeking a Senior Manager, Platform Security to lead and mature our security programs across our AWS cloud infrastructure, application security (AppSec), and product security. This is a critical leadership role responsible for securing the end-to-end technology stack of our core real estate platform, utilized by over 45,000 agents and 1 million consumers. The ideal candidate will be a pragmatic leader who can balance the need for rapid business growth with a robust security posture in a challenging, resource-constrained environment.

About The Role

As the Senior Manager of Platform Security, you'll be a key member of the security leadership team, reporting to the CISO. You will be responsible for defining and executing the strategic roadmap for securing our cloud environment and the Compass platform. This role requires a leader who can effectively manage and mentor a team of highly senior and skilled individual contributors while collaborating with product and engineering teams to embed security seamlessly into the development lifecycle.

Key Responsibilities

• Strategic Leadership: Develop and implement a comprehensive security strategy for cloud, application, and product security that aligns with business objectives and key security frameworks like NIST CSF and CIS Controls.
• Team Management: Lead and mentor a team of security engineers and architects, fostering a culture of ownership, continuous improvement, and collaboration with the broader Product & Engineering organization.
• Cloud Security: Oversee the security of our AWS environment, focusing on implementing "golden path" guardrails, improving visibility, and remediating identified risks. This includes securing our infrastructure, network, and IAM configurations.
• Application & Product Security: Drive the maturation of our application security program by integrating security into the CI/CD pipeline, conducting design reviews, and managing the security review backlog. Work closely with product teams to ensure security is a core component of new feature development.
• Vulnerability Management: Collaborate with the Offensive Security team to manage and prioritize the remediation of vulnerabilities across the platform and applications.
• Cross-Functional Collaboration: Partner with key stakeholders, including the CTO, SVP of Product & Engineering, and other technical leaders, to ensure security initiatives are well-understood, prioritized, and delivered. Address and mitigate critical security gaps, such as those related to our recent M&A activities and agent-facing systems.
• AI Security: Proven expertise in applying Artificial Intelligence (AI) and Machine Learning (ML) to Cloud and Application Security. The successful candidate will demonstrate a deep understanding of the AI-specific threat landscape (e.g., data poisoning, prompt injection) and have hands-on experience with modern AI-powered security platforms such as MCP Servers, CNAPP, XDR, and AI-enhanced SAST/DAST. This strategic role requires the ability to develop and implement robust AI security governance frameworks and lead the organization in the secure adoption of AI-driven technologies.
• Metrics & Reporting: Define and track key performance indicators (KPIs) and risk indicators (KRIs) to measure the effectiveness of the security program and provide regular updates to senior leadership and the Audit Committee.

Qualifications

• Experience: Minimum of 10 years of experience in information security, with at least 3 years in a leadership role managing cloud and application security teams.
• Technical Expertise: Deep understanding of AWS security services and best practices. Experience with application security testing (SAST/DAST), secure development lifecycles, and DevOps security. Familiarity with our security tech stack (e.g., Wiz, Crowdstrike, Okta, AWS, Signal Sciences/Fastly WAF, API Security Gateways) is a plus.
• Leadership Skills: Proven ability to lead and motivate a senior, high-performing team. Excellent communication and interpersonal skills, with the ability to influence and build consensus across technical and business functions.
• Strategic Mindset: Strong business acumen and a pragmatic approach to security. The ability to prioritize projects based on risk and business impact, especially in a tight budget and resource-constrained environment.
• Education & Certifications: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CSSLP, or AWS Certified Security - Specialty are highly desirable.

Compensation: The base pay range for this position is $210,000-$245,000; however, base pay offered may vary depending on job-related knowledge, skills, and experience. Bonuses and restricted stock units may be provided as part of the compensation package, in addition to a full range of benefits. Base pay is based on market location. Minimum wage for the position will always be met.

Perks that You Need to Know About:

Participation in our incentive programs (which may include eligible cash, equity, or commissions). Plus paid vacation, holidays, sick time, parental leave, and recharge leave; medical, tele-health, dental and vision benefits; 401(k) plan; flexible spending accounts (FSAs); commuter program; life and disability insurance; Maven (a support system for new parents); Carrot (fertility benefits); UrbanSitter (caregiver referral network); Employee Assistance Program; and pet insurance.

  Do your best work, be your authentic self. At Compass, we believe that everyone deserves to find their place in the world — a place where they feel like they belong, where they can be their authentic selves, where they can thrive.  Our collaborative, energetic culture is grounded in our Compass Entrepreneurship Principles and our commitment to diversity, equity, inclusion, growth and mobility. As an equal opportunity employer, we offer competitive compensation packages, robust benefits and professional growth opportunities aimed at helping to improve our employees' lives and careers.

Notice for California Applicants

Los Angeles County Fair Chance Notice