Staff Product Security Engineer

MongoDB
Seattle, WA, United States
$137K-$270K a year
Full-time
We are sorry. The job offer you are looking for is no longer available.

MongoDB's mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data.

We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI.

Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure.

Atlas allows customers to build anywhere-on the edge, on premises, or across cloud providers. With offices worldwide and over 175,000 developers joining MongoDB every month, it's no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.

Who You Are

With a strong security engineering background, you're looking for a role that gives you the freedom to increase MongoDB's resonance with customers by strengthening our products.

You're passionate about building a security program that puts a heavy emphasis on customer and engineer experience, leveraging your own extensive experience.

You enjoy collaborating with different teams to innovate and implement pragmatic solutions.

Who We Are

The MongoDB Product Security organization is a diverse collection of individuals working together to scale MongoDB's security, both security of the products themselves and the security features we offer to customers.

The team is responsible for several products including MongoDB Atlas Cloud , Ops Manager , Kubernetes Operator , and the MongoDB Server ( Community and Enterprise editions).

The MongoDB Product Security organization works with software engineers to design, implement, and operate systems in a manner that protects customer data.

It is a multidisciplinary team that covers product, software, cloud, infrastructure, and operational security concerns. The team does the following :

  • Build a developer driven security program where there is tight integration with engineering artifacts, process, and tooling
  • Use software architecture and coding patterns to reduce the impact of security issues
  • Be security subject matter experts for our tech stack and products

Responsibilities

  • You will take ownership, define strategy, and drive improvement for parts of our program such as fuzzing, threat modeling, secrets management, or container security
  • Advocate for and lead complex security projects from inception through completion
  • Drive architecture, patterns, and processes across cloud engineering that make security the easiest path
  • Partner closely with engineering teams to design and implement security controls across our software and systems
  • Research and POC new attacks against our systems. Plan and perform product security assessments including architecture review threat modeling, code review, pen testing and general security consulting to proactively build security controls
  • Serve as a security subject matter expert for software security and architecture
  • Partner with cloud detection and response to create new capabilities or respond to security events
  • Educate the engineering org on security through CTFs, lunch-and-learns, and one-on-one mentorship

Requirements

  • 10 years of experience in application security, software security, or product security
  • Deep subject matter expertise in application security or experience across a number of additional security specialties such as detection response or cloud security
  • Demonstrated ability to identify and fix security issues through manual code review, application penetration testing, or red teaming
  • Scripting experience and ability to contribute code back to our environments
  • Comfortable leading threat modeling and being a security ambassador to other engineering teams
  • Communicate complex technical issues in a simple manner that builds trust with a variety of audiences
  • A strong sense of ownership and delivery
  • Can facilitate a conversation rather than dominate it
  • Skilled at providing collaborative, actionable feedback, not just a list of flaws

Don't feel that you meet all of the requirements? We encourage you to apply anyway because studies have shown that some strong candidates may self-select out of the interview process prematurely.

We have a diverse, inclusive, equitable, and high-performing environment at MongoDB and want to continuously improve our ability to deliver for customers.

Nice to Haves

  • Knowledge of one or more core project languages (Golang, Java, Javascript, Python)
  • Docker and Kubernetes operation and security
  • Working knowledge of one or more major cloud providers (AWS, GCP, or Azure)
  • Experience with large scale environments

Success in this role means

  • Taking ownership of one or more security programs such as application security, cloud security, or incident detection and response
  • Seeing projects through from conception to completion in order to deliver new services or capabilities for the team
  • Partnering with and collaborating with other engineering teams
  • Establishing yourself as a go-to person for discussing security topics

This role can be based out of our Seattle office or remotely in North America.

To drive the personal growth and business impact of our employees, we're committed to developing a supportive and enriching culture for everyone.

From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees' wellbeing and want to support them along every step of their professional and personal journeys.

Learn more about what it's like to work at MongoDB , and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process.

To request an accommodation due to a disability, please inform your recruiter.

MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

MongoDB's base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location.

Salary is one part of MongoDB's total compensation and benefits package. Other benefits for eligible employees may include : equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings.

Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates.

MongoDB's base salary range for this role in the U.S. is :

$137,000 $270,000 USD

9 days ago
Related jobs
Promoted
Gusto
Seattle, Washington

We are looking for a senior software engineer to join our Product Security Engineering team. The Product Security team helps Gusto move faster, securely. We're a team of engineers who work to enable other teams to build products as quickly as possible while continuing to protect our customers. We he...

Square
Seattle, Washington

The Product Security engineering team focuses on protecting Cash App’s customer data throughout the product engineering’s technology stacks. We are a hands-on, engineering-driven security team, which aligns security engineers toward product teams, across the entire Cash App organization. As a Produc...

DataBricks
Seattle, Washington

The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of ...

Databricks
Seattle, Washington

B2B or SaaS products, with experience delivering successful customer-facing products/features. An accomplished senior product manager who can define and deliver on success metrics, summarize customer inputs into actionable requirements, and crisply communicate product value propositions to customers...

reddit
Seattle, Washington

As a staff engineer, you will lead your team in the design and creation of our Snapshot product used to deliver high quality data to partners. The Data Infrastructure team is looking to hire a Staff software Engineer who is excited to solve large scale batch and streaming data challenges. Excellent ...

Gemini
Seattle, Washington

This role will bring additional depth and specialization in database design, security and we also value expertise in neighboring areas of infrastructure and platform security engineering including: PKI, core cryptography, identity management, network security, etc. The Role: Staff Data Security Engi...

Amazon
Seattle, Washington

AWS Security is looking for a Security Engineer to design security controls and help validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, di...

Amazon.com Services LLC
Seattle, Washington

Collaborate with Senior Security Engineers to develop products and processes that support the team in delivering consistently bar-raising and customer-centric Application Security services. Healthcare Security Engineers act as consultants and partners to Amazon Healthcare developers and product owne...

Expedia Group
Seattle, Washington

Expedia Security & Privacy is searching for a top-notch Product Security Engineer who thrives on working with development teams to secure their products across the software development lifecycle. Principal Product Security Engineer. Bachelors or Masters Degree in Cybersecurity, Information Secur...

Boeing
Seattle, Washington

Experience in systems engineering, mission computing, product security engineering, and/or software engineering for avionics. A Master of Science degree or higher from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), computer scien...