Senior Product Security Engineer

Engineering @ Compass 

Compass is building the first modern end-to-end real estate platform by integrating agents, buyers and sellers through technology. Before Compass, no one has achieved the blend of the Natural Intelligence that hundreds of thousands of enterprising real estate agents bring to this market, with the Artificial Intelligence that cloud, mobile and AI technologies enable.

As one of the fastest growing technology companies of our generation, in an industry larger than any other, we have an opportunity and obligation to build a world-class engineering team and the operating platform that will transform the real estate industry. In 2019 we tripled the size of our Product & Engineering team, and are searching for creative and inspiring colleagues at all levels of the engineering organization to join us as we continue to expand in 2020.

Security @ Compass 

We are hands-on security engineers helping to build secure, resilient, and scalable web apps, mobile apps, and platform for the real estate industry.  We work with a diverse set of teams to provide and support transparent and automated security tooling and services. We architect secure web products, perform simulated attacks, identify weaknesses, and work with teams to remediate and protect our products.  You will lead our effort to build security as a service to drive safe-by-default environments and drive customer trust.  

What you will do:  

• Enable autonomy for engineers via safe-by-default tooling, and ensure engineering velocity is maintained by automating security requirements and building security as code
• Design, build, and automate the security hardening mechanisms to keep the Compass product and our customers safe
• Conduct regular security architecture reviews, vulnerability assessments, and code review for the Compass platform to proactively find potential vulnerabilities
• Be a partner to teams while evaluating and providing security guidance on new product features, processes, tooling, and services
• Drive telemetry and vulnerability taxonomy across the Product and Engineering Platform

Who you are: 

• You are empathetic and accountable while helping contribute to improving our security program and continuing to build our customers’ trust
• You take an automation-first approach to everything you do. You understand the challenges of scale for security and leverage automation whenever possible
• You are passionate about embedding security throughout the software development lifecycle and collaborating with development teams to help build secure applications
• Demonstrated experience performing security reviews, validation, and implementation to the software development life cycle
• Ability to communicate about security vulnerabilities and remediation techniques in an accessible way to a variety of audiences
• Enjoy collaborating and performing threat modeling exercises and help design secure applications with embedded security principles and good practices
• Experience working with any programming languages and ability to facilitate automation used as part of the secure SDLC (SAST, DAST, IAST, RASP)
• Comfortable teaching and leading development teams toward better security outcomes
• Desire to grow and solve new challenges as Compass’ architecture rapidly evolves
  

At Compass, our mission is to help everyone find their place in the world. This means we continually celebrate the diverse community different individuals cultivate. As an equal opportunity employer, we stay true to our mission by ensuring that our place can be anyone’s place. Our entrepreneurship principles bind us together and inform how we tackle the tremendous challenges ahead.

Check out our Engineering blog!