MongoDB
Senior Product Security Engineer, Detection & Response
MongoDB, New York, NY
MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data. We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI. Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure. Atlas allows customers to build anywhere—on the edge, on premises, or across cloud providers. With offices worldwide and over 175,000 developers joining MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.Who You AreWith a strong security engineering background, you’re looking for a role that gives you the freedom to increase MongoDB’s resonance with customers by strengthening our products. You’re passionate about building a security program that puts a heavy emphasis on customer and engineer experience, leveraging your own extensive experience. You enjoy collaborating with different teams to innovate and implement pragmatic solutions.Who We AreThe MongoDB Product Security organization is a diverse collection of individuals working together to scale MongoDB’s security, both security of the products themselves and the security features we offer to customers. The team is responsible for several products including MongoDB Atlas Cloud, Ops Manager, Kubernetes Operator, and the MongoDB Server (Community and Enterprise editions).The MongoDB Product Security organization works with software engineers to design, implement, and operate systems in a manner that protects customer data. It is a multidisciplinary team that covers product, software, cloud, infrastructure, detection/response, and operational security concerns. The team does the following:Builds an engineering driven security program where there is tight integration with engineering artifacts, process, and tooling. Applies sound engineering to the practice of securityProactively leverages software architecture, coding patterns, security capabilities built into our products to reduce the impact of security issuesActs as security subject matter experts for our tech stack and productsResponsibilitiesYou will take ownership, define strategy, and drive improvement of our product detection and response program. This team is primarily focused on D&R engineering for the Atlas suite of products and supporting supply chainAdvocate for and lead complex security projects from inception through completionBuild frameworks and services that enable engineering teams to build and own detection capability for their products. Be a security subject matter expert and a trusted partner for those teamsIntegrate with our engineering processes like architecture review to drive new telemetry, detections, or containment as part of feature developmentResearch and drive architecture, patterns, and processes across engineering that make unexpected behavior obvious and traceable. Build in context so that response workflows can be scaled and automated.Partner closely with engineering teams to design and build new capability throughout our technology stackResearch and monitor the threat landscape and facilitate feedback loops back in to security and engineeringDesign and implement attack testing automation to validate detection coverageLead cross-team incident investigations and manage the IR processRequirements7 years of experience in security incident detection and response engineering or similar roleBroad knowledge across the Security disciplines. Deep focus in one or more core product security concerns such as software security, cloud (AWS, GCP, or Azure), or Platforms (Linux, Containers, Supporting services).Can plan and develop code for security team tooling. Can collaborate with engineering teams on code and architecture for our production servicesAble to Communicate complex technical issues in a simple manner that builds trust with a variety of audiencesA strong sense of ownership and deliveryCan facilitate a conversation rather than dominate itCan lead post-incident analysis and facilitate postmortemsDon’t feel that you meet all of the requirements? We encourage you to apply anyway because studies have shown that some strong candidates may self-select out of the interview process prematurely. We have a diverse, inclusive, equitable, and high-performing environment at MongoDB and want to continuously improve our ability to deliver for customers.Nice to HavesKnowledge of one or more core project languages (Golang, Java, Javascript, Python).Docker and Kubernetes operation and security.Working knowledge of one or more major cloud providers (AWS, GCP, or Azure).Experience with large scale environments.Success in this role meansTaking ownership of one or more security programs such as application security, cloud security, or incident detection and response.Seeing projects through from conception to completion in order to deliver new services or capabilities for the team.Partnering with and collaborating with other engineering teams.Establishing yourself as a go-to person for discussing security topics.This role can be based out of our New York City office or remotely in North America.To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.MongoDB’s base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location. Salary is one part of MongoDB’s total compensation and benefits package. Other benefits for eligible employees may include: equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings. Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates.MongoDB’s base salary range for this role in the U.S. is:$118,000—$231,000 USD