MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data. We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI. Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure. Atlas allows customers to build anywhere—on the edge, on premises, or across cloud providers. With offices worldwide and over 175,000 developers joining MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.

Team:

MongoDB is seking a passionate Security Engineer to help expand MongoDB’s Information Security Program, specifically focusing on Corporate SaaS Security.

The MongoDB Security Team is responsible for the Information Security Program for MongoDB Inc; helping to reduce risk in our systems, company and to help establish trust in our product offerings and cloud services. Our customers are both our internal MongoDB employees and our external customers. 

This is an exciting chance to be part of a dynamic and innovative team with a lot of opportunities to grow. MongoDB prides itself on offering careers rather than jobs.

We are looking to speak to candidates who are based in London for our hybrid working model, or remote within the UK.

Role Description:

MongoDB is looking for an experienced professional to join our security team. The ideal candidate will have at least 2 years+ of experience in Information/Cyber Security. 

Primary focus of this role will be ensuring that 3rd party Corporate SaaS applications used by MongoDB are configured and managed securely. This will include developing novel approaches and tools for SaaS security (like SOAR), utilizing industry best practices and responding to security incidents.

3rd party SaaS applications in this context can be defined as “productivity” and “corporate” SaaS platforms which are used by hundreds or thousands of MongoDB employees. This role will not be specifically focused on IaaS / PaaS tools like Amazon, GCP, Azure - although some overlap is possible and necessary.

Candidate Profile:

Candidates for this role should be fluent in a variety of information security tools, including some Cloud-based technologies. Ideal candidates will also have experience application in pentesting, security reviews and awareness of different SaaS platforms. 

Candidates for this role need to be willing to undergo additional training to learn more about different SaaS platforms specifics.

We are looking for someone who is proactive in presenting ideas with demonstrated problem-solving skills.

Additionally, this role requires strong ability to multitask as well as solid communication skills. 

The ideal candidate for this role will have:

Minimum 3 years hands-on experience in cyber security Demonstrated success completing complex projects in previous rolesBe familiar with different SaaS technologies like Salesforce, Google WorkspaceBe familiar with IaaS/PaaS technologies like AWS, GCPExperience utilizing SaaS management tools like CASB, SSPM is desiredDemonstrated ability to create scripts and automated processes interfacing with REST APIs Be Fluent in variety of security technologies Demonstrated problem solving capabilities Strong ability to collaborate with technical and non-technical teams Experience with SIEM platforms like Splunk Some experience with application architecture reviews Some pentesting experience or awareness is preferred Willingness to work with different technical teams on finding elegant solutions to complex problems, managing them to resolution and release Have at least a basic understanding of different Information Security standards (e.g. SOC2, HIPAA, Fedramp)

Position Expectations:

Rapidly understand and assess new technologies Willingness to learn new technologies and adapt to a modern, fast-paced organization Have interest in rapidly expanding world of SaaS security Ability to work with geographically distributed teams and multitasking are essential Communicate security threats, assessments and risks as well as make recommendations Capacity to organize, coordinate and implement in both a global and regional context as required Educate Engineers and application owners on the importance of SaaS Security and associated risks Ability to quickly learn new systems and architectures Work Cross functionally with multiple teams on establishing new processes and improving existing ones Ability to create documentation when needed as well as defend and execute on findings Ability to create process that help address configuration drift

Success Measures:

The Information Security Engineer I, SaaS security will be successful in this role when they can execute the following strategic tasks: 

People: Collaborate to secure our products with fellow engineers in various departments Organization: Ability to manage multiple parallel efforts and utilise risk-based approach for prioritization Communication: Successfully communicate your recommendations and rationale to both technical and semi-technical resources Research: Research modern approaches to security problems, offensive and defensive processes, tooling and techniques Creative: Find creative yet simple solutions to complex problems with technical requirements

This is an important role to help mature the capabilities of the Information Security Program for a breakthrough company that is disrupting a $80B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and help secure our company. This position is based out of our London office in Blackfriars. 

This position will report directly to the Manager of SaaS Security, EMEA.

Company:

MongoDB is the leading modern, general purpose database platform, designed to unleash the power of software and data for developers and the applications they build. MongoDB Atlas, the company’s multi-cloud database as a service launched in 2016, is available in over 50 regions across AWS, Azure, and GCP.