InfoSec Engineer II

MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data. We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI. Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure. Atlas allows customers to build and run applications anywhere—on premises, or across cloud providers. With offices worldwide and over 175,000 new developers signing up to use MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.

Team

MongoDB is seeking a passionate Information Security Engineer to help expand MongoDB’s Information Security Program, specifically focusing on Application and Internal Product Security.

The MongoDB Security Team is responsible for the Information Security Program for MongoDB Inc; helping to reduce risk in our systems, company and to help establish trust in our product offerings and cloud services. Our customers are both our internal MongoDB employees and our external customers. 

This is an exciting chance to be part of a dynamic and innovative team with a lot of opportunities to grow. MongoDB prides itself on offering careers rather than jobs.

Role Description

MongoDB is looking for an experienced professional to join our security team. The ideal candidate will have at least 3+ years of experience in Information/Cyber Security. 

Primary focus of this role will be ensuring that new and existing internally facing applications are secure. This would include understanding the full application release lifecycles, penetration testing, assistance with code reviews and more. This role is technical but will also present an opportunity to improve company-wide processes focusing on application security. 

This position will report directly to the Senior Manager of Security Engineering & Application Security (EMEA-based).

This role can be based out of our London office or remotely in the Great Britain region.

Candidate Profile

We are seeking a highly skilled and motivated Infosec Engineer to join MongoDB’s security team. This individual will play a crucial role in safeguarding our organization’s systems and products by identifying and mitigating security risks. The ideal candidate will possess deep expertise in security assurance, penetration testing, and threat modeling, and will be well-versed in the latest security trends and vulnerabilities.

In this role, you will collaborate with cross-functional teams to ensure that security is integrated into the design and development of new features and products.

We are looking for someone who is proactive in presenting ideas with demonstrated problem-solving skills. Additionally, this role requires strong ability to multitask as well as solid communication skills. 

The ideal candidate for this role will have:

• Minimum 3+  years hands-on in identifying security vulnerabilities, software development lifecycle, and experience in cyber security
• Demonstrated success completing complex projects in previous roles
• Be familiar with different Cloud (Paas or SaaS) technologies (like AWS, GCP, Azure)
• Strong experience with application architecture reviews
• Experience with vulnerability management tools and processes
• Be Fluent in a variety of security technologies
• Demonstrated ability to create scripts and automated processes
• Have a background in threat modeling and advocating for technical changes to exceed customer expectations, including delivering reports to upper management
• Excellent written and verbal communication skills with the ability to adapt messaging to technical and non-technical audiences at all levels, including senior leadership
• Have at least a basic understanding of different Information Security standards and reports (e.g. SOC2, HIPAA, Fedramp)
• Experience working with technical teams on finding elegant solutions to complex problems, managing them to resolution and release
• A good grasp of current threat intelligence and modern attacker exploits
• Strong understanding of computer and network security and security protocols
• Certifications in the domain of penetration testing or application security (e.g. OSCP, OSWE, GWAPT, …)
• Bachelor's or Master's Degree in Cybersecurity, Computer Science, or related field

Position Expectations

• Experience in assessing the security posture of systems/services
• Experience in penetration testing and providing mitigating controls
• Strong engineering background and programming experience (Python, Golang, Rust, Bash, etc.)
• Strong communication skills and ability to work with remote teams
• Results and goal-oriented
• Rapidly understand and assess new technologies
• Communicate security threats, assessments and risks as well as make recommendations
• Educate Engineers and Product teams on the importance of Application Security and Vulnerability Management
• Work Cross functionally with multiple teams on establishing new processes and improving existing
• Ability to create documentation when needed as well as defend and execute on findings

This is an important role in helping mature the capabilities of the Information Security Program for a breakthrough company disrupting a $80B market. This position has significant growth potential, and we’re seeking someone excited to take the initiative and help secure our company. This position is based out of our London office or remote. 

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB is an equal opportunities employer.