Compass

Senior Manager, Incident Response & Forensics

Posted 9 Days Ago
Boston, MA
Senior level
Lead and develop Incident Response and Digital Forensics strategies, manage a technical team, enhance detection capabilities, and coordinate incident responses.
The summary above was generated by AI

At Compass, our mission is to help everyone find their place in the world. Founded in 2012, we’re revolutionizing the real estate industry with our end-to-end platform that empowers residential real estate agents to deliver exceptional service to seller and buyer clients.

Security @ Compass

The Security organization is a crucial business partner dedicated to protecting the company's information, systems, and reputation while enabling secure growth, product development, and innovation. Operating within the dynamic context of the leading public real estate company, our mandate includes developing and executing a comprehensive security strategy that addresses evolving threats and meets stringent regulatory requirements (SOX, Data Privacy law, GLBA, etc.). Key functions involve proactive risk management, robust security operations and engineering, secure architecture design, compliance oversight, incident response, and fostering a strong security culture. We collaborate across all business units to integrate security seamlessly into the development lifecycle and operational processes, ensuring the confidentiality, integrity, and availability of our services and data for our shareholders, agents, and stakeholders.

What You Will Do (Key Responsibilities):

  • Hands-On Leadership & Strategy: Develop, implement, and continuously improve the strategic roadmap for IR and Forensics, while actively participating in day-to-day operations, investigations, and response activities.
  • Team Development & Mentorship: Lead, mentor, coach, and develop a high-performing team through regular feedback and 1:1s, while fostering a collaborative environment. Grow and train multiple Incident Commanders within the organization.
  • Detection & Response Enhancement: Lead and contribute to detection and response capabilities, focusing on creating high-fidelity alerts and developing automated responses and runbooks for repeated events.
  • Incident Response Lifecycle Management: Own, refine, and participate in the end-to-end IR process (preparation, detection, analysis, containment, eradication, recovery, post-mortem) ensuring consistency, rigor, and adherence to frameworks across the company, subsidiaries, and joint partnerships.
  • Incident Command: Serve as a primary Incident Commander (IC) during significant security incidents, demonstrating calm, clear coordination and decision-making, while also developing this capability in others.
  • Digital Forensics & Investigation: Oversee and perform digital forensics activities across various platforms. Personally engage in challenging investigations to identify root cause and drive impactful responses, analyzing and correlating large, diverse datasets.
  • Post-Mortem & Improvement Cycle: Drive a rigorous post-mortem process focused on thorough root cause analysis and actionable remediation plans. Conduct regular assessments of detection and response controls to improve security posture and prevent regression.
  • AI Integration & SOC Optimization: Champion and guide the utilization of AI/ML techniques to improve threat detection, automate response, reduce analyst fatigue, and optimize SOC staffing/resource allocation. Collaborate closely with the Security Detection Engineers.
  • Automation & Telemetry: Drive an automation-first approach to IR and forensics tasks. Enhance and drive telemetry around the company platform and leveraged technologies to improve visibility and detection.
  • Collaboration & Partnership: Partner effectively with other information security teams, SOC, Threat Intelligence, Engineering, IT, Legal, Compliance, and business units to improve operational capabilities, provide preventative control feedback, and ensure alignment during incidents.
  • Communication & Reporting: Clearly communicate technical findings, security vulnerabilities, and remediation techniques in an accessible way to diverse audiences, including executive leadership. Define and report on KPIs for IR effectiveness.

Who You Are (Qualifications & Attributes):

  • Experienced Leader & Practitioner: Bachelor's degree in a relevant field or equivalent practical experience. 7+ years in cybersecurity, with 4+ years directly focused on hands-on Incident Response and/or Digital Forensics. 2+ years managing/leading technical teams, with demonstrated success in team growth through mentoring and coaching.
  • Technically Proficient: Deep understanding of IR lifecycle, cyber kill chain, MITRE ATT&CK, modern attacker exploits, and persistence techniques. Strong knowledge of operating systems, networking, and security infrastructure (SIEM, EDR, Forensics tools). Well-versed in event analysis/triage.
  • Domain Expertise: Demonstrate strong understanding of several of the following: Web Application Security; Cloud Infrastructure Security (AWS, GCP preferred); Network Security; Operating System Security; Identity and Access Management (IAM), including Okta; SaaS Security.
  • Investigative & Analytical: Enjoy the challenge of investigation, possess strong analytical and problem-solving skills, and have the ability to analyze and correlate across large datasets to drive remediation.
  • Automation Focused: You take an automation-first approach and understand leveraging automation to address security challenges at scale.
  • Strong Communicator: Excellent ability to communicate complex technical concepts clearly and concisely to both technical and non-technical audiences.
  • Collaborative & Empathetic: You are empathetic, accountable, and build trust. You foster psychological safety and inclusivity and excel at working across multiple departments.
  • Strategic & Proactive: Ability to prioritize team investments based on business goals and risk, proactively identify areas for growth and efficiency, and operate effectively in a fast-paced, public company environment.
  • Incident Command Presence: Proven experience leading as an Incident Commander during significant events.

Preferred Qualifications:

  • Master's degree in a relevant field.
  • Relevant industry certifications (e.g., CISSP, GCIH, GCFA, GCFE, GNFA, GREM, CHFI).
  • Experience applying AI/ML concepts to security use cases.
  • Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
  • Proficiency in scripting languages (e.g., Python, PowerShell).
  • Familiarity with compliance frameworks (e.g., SOX, PCI-DSS, GDPR, CCPA).

Perks that You Need to Know About:

Participation in our incentive programs (which may include eligible cash, equity, or commissions). Plus paid vacation, holidays, sick time, parental leave, and recharge leave; medical, tele-health, dental and vision benefits; 401(k) plan; flexible spending accounts (FSAs); commuter program; life and disability insurance; Maven (a support system for new parents); Carrot (fertility benefits); UrbanSitter (caregiver referral network); Employee Assistance Program; and pet insurance.

 

Do your best work, be your authentic self.

At Compass, we believe that everyone deserves to find their place in the world — a place where they feel like they belong, where they can be their authentic selves, where they can thrive.  Our collaborative, energetic culture is grounded in our Compass Entrepreneurship Principles and our commitment to diversity, equity, inclusion, growth and mobility. As an equal opportunity employer, we offer competitive compensation packages, robust benefits and professional growth opportunities aimed at helping to improve our employees' lives and careers.

Notice for California Applicants

Los Angeles County Fair Chance Notice

Top Skills

AI/ML Techniques
Cloud Infrastructure (AWS, GCP)
EDR
Forensics Tools
PowerShell
Python
SIEM

Compass Boston, Massachusetts, USA Office

126 Newbury St, Boston, MA, United States


