Senior Security Analyst

London, Dublin

The database market is massive (the IDC estimates it to be $119B+ by 2025!) and MongoDB is at the head of its disruption. The MongoDB community is transforming industries and empowering developers to build amazing apps that people use every day. We are the leading modern data platform and the first database provider to IPO in over 20 years. Join our team and be at the forefront of innovation and creativity.

This role can be based out of our London or Dublin office or remotely in the European region.

The mission of MongoDB’s global Information Security Team is to reduce security risks, protect our user community and maintain trust in our products and services.

We are looking for an experienced information security professional to join our Information Security Team. This is a senior advisory role that will serve as a trusted security expert to our customer-facing teams and help them provide our customers with transparent, actionable information needed to assess  our products and services. Responsibilities include responding to inquiries from customer security teams  regarding our Product’s security features and working closely with our Legal team to review and negotiate customer contracts and security exhibits.

This role requires an independent fast learner. An understanding of a broad array of security concepts plus the ability to clearly convey these concepts to a wide variety of technical and non-technical audiences at all levels is vital to success in this role. MongoDB’s products are technical in nature and intended to be used by software engineers. An understanding of product security features and how those map to security controls is important

Responsibilities:

  • Help our solutions architects respond to security questions and complex questionnaires. 
  • Work with colleagues to grow our internal knowledge base with the goal of significantly boosting productivity of customer-facing staff.
  • Provide guidance and contract mark-ups to assist our commercial attorneys review customer contracts, security exhibits and documents.
  • Collaborate on internal training content intended to help customer-facing staff build a strong understanding of our security program.
  • Work with colleagues to respond to inquiries regarding high-profile  security events or vulnerabilities in the software supply chain.
  • Provide actionable feedback from the field to our Product Management team.

Requirements:

  • 5 years of experience in information security, in a public cloud environment. Success in previous roles including Solutions Architecture, security operations centers, and network defense are especially valuable
  • Strong understanding of fundamental information security concepts such as Defense in Depth and vulnerability management
  • Knowledge of important cloud security concepts particularly the shared responsibility model
  • Strong understanding of the major offerings and architectural differences between the major public cloud providers (AWS, Azure, and GCP)
  • Basic understanding of the challenges enterprises face when moving to the cloud
  • A confident yet calm demeanor
  • A strong desire to be helpful and serve in an advisory capacity
  • The ability to clearly communicate complex technical topics to a wide audience

Nice to Haves:

  • Experience in hands-on information security role within a public cloud environment
  • Basic knowledge of Infrastructure as Code and basic DevOps practices
  • Working knowledge of ISO 27001:2013, SOC 2, PCI DSS v. 3.2 and /or HIPAA. Should be able to review a SOC 2 report or PCI DSS Attestation of Compliance and find information
  • CISSP, CISA, CCSK and/or GPCS certification in good standing

Success in this Role Means:

  • Within 3 months - Be able to confidently help our solutions architects respond to security questions and help our commercial attorneys review customer security exhibits with minimal oversight
  • Within 6 months - Work closely with our sales teams and commercial attorneys to help them move deals with large strategic customers to a close
  • Within 12 months - Become a trusted expert on all aspects of the security of our products and services

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

#LI-Remote

MongoDB is an equal opportunities employer.

To applicants in the European Union and California: Please find our European Union and California Recruitment Privacy Notice.

To all recruitment agencies: MongoDB does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias or MongoDB employees. MongoDB is not responsible for any fees related to unsolicited resumes.