Product Security Engineer
Engineering @ Compass
Compass is building the first modern end-to-end real estate platform by integrating agents, buyers & sellers through technology. Before Compass, no one has achieved the blend of the Natural Intelligence that hundreds of thousands of enterprising real estate agents bring to this market, with the Artificial Intelligence that cloud, mobile & AI technologies enable.
As one of the fastest growing technology companies of our generation, in an industry larger than any other, we have an opportunity & obligation to build a world-class engineering team & the operating platform that will transform the real estate industry. In 2019 we tripled the size of our Product & Engineering team, & are searching for creative & inspiring colleagues at all levels of the engineering organization to join us as we continue to expand in 2020.
Security @ Compass
We are hands-on security engineers helping to build secure, resilient, & scalable web apps, mobile apps, & platform for the real estate industry. We work with a diverse set of teams to provide & support transparent & automated security tooling & services. We architect secure web products, perform simulated attacks, identify weaknesses, & work with teams to remediate & protect our products. You will lead our effort to build security as a service to drive safe-by-default environments & drive customer trust.
What you will do:
- Enable autonomy for engineers via safe-by-default tooling, & ensure engineering velocity is maintained by automating security requirements & building security as code
- Design, build, & automate the security hardening mechanisms to keep the Compass product & our customers safe
- Conduct regular security architecture reviews, vulnerability assessments, & code review for the Compass platform to proactively find potential vulnerabilities
- Be a partner to teams while evaluating & providing security guidance on new product features, processes, tooling, & services
- Drive telemetry & vulnerability taxonomy across the Product & Engineering Platform
Who you are:
- You are empathetic & accountable while helping contribute to improving our security program & continuing to build our customers trust
- You take an automation-first approach to everything you do. You understand the challenges of scale for security & leverage automation whenever possible
- You are passionate about embedding security throughout the software development lifecycle & collaborating with development teams to help build secure applications
- Demonstrated experience performing security reviews, validation, & implementation to the software development life cycle
- Ability to communicate about security vulnerabilities & remediation techniques in an accessible way to a variety of audiences
- Enjoy collaborating & performing threat modeling exercises & help design secure applications with embedded security principles & good practices
- Experience working with any programming languages & ability to facilitate automation used as part of the secure SDLC (SAST, DAST, IAST, RASP)
- Comfortable teaching & leading development teams toward better security outcomes
- Desire to grow & solve new challenges as Compass architecture rapidly evolves
At Compass, our mission is to help everyone find their place in the world. This means we continually celebrate the diverse community different individuals cultivate. As an equal opportunity employer, we stay true to our mission by ensuring that our place can be anyones place. Our entrepreneurship principles bind us together & inform how we tackle the tremendous challenges ahead.
Check out our Engineering blog!