MongoDB is seeking an experienced Technical Compliance Program manager to lead and build out MongoDB’s compliance program.
MongoDB aligns its practices to multiple compliance frameworks in order to support our customer’s needs. As we continue to grow, MongoDB is expanding to support more compliance frameworks. The Technical Compliance Program Manager will lead compliance efforts involving assessments with external auditors, perform gap analysis activities, inform internal stakeholders of their compliance requirements and assist in customer requests for compliance and security information.
The Technical Compliance Program Manager should be experienced in performing technical audits in several IT Security Related frameworks (i.e. PCI DSS, NIST SP 800-53, FedRAMP) and has a clear understanding of technical IT Security Controls.
This is a critically important role and a great opportunity to build out an internal compliance program and help scale MongoDB Inc. to support our customer’s needs. MongoDB is a breakthrough company that is disrupting a $40B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and help lead. This position is based out of our New York City Headquarters (potential for remote role).
The right candidate for this role will have
- Technical understanding of IT Security Controls; experience with IT audit consulting is beneficial
- Previous experience and/or familiarity with PCI, NIST SP 800-53 and/or related compliance frameworks (i.e. FedRAMP)
- The ability to work in a fast-paced tech environment, managing multiple large scale projects simultaneously
- Ability to communicate clearly to various levels of management (including executive management), across various business functions (including engineering)
- Minimum 5 years experience of performing or leading technical assessment to support compliance efforts
- Bachelor’s degree in Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant field
- A strong understanding of Cloud Environments, Linux and Windows systems
- PCI QSA, PCI ISA, PCIP, CISSP, certifications welcome but not required
- An entrepreneurial spirit -- you enjoy challenges across broad range of disciplines
- Experience interfacing with technical and non-technical persons on Compliance and Security Topics
- Position is based in New York City office but open to remote candidates
- Interface with MongoDB product managers to drive compliance requirements
- Interface with and Lead projects involving external auditors
- Develop and deliver Technical Compliance Training
- Perform periodic internal audits, as needed
- Own and respond to customer compliance and security information requests
- Develop metrics to measure the compliance program
- Define roadmaps and necessary capabilities for future compliance needs
- Be the subject matter expert on Compliance Efforts for MongoDB Inc.
- Assist in adjusting existing relevant policies to align company objectives with compliance needs
The Technical Compliance Program Manager will be successful in this role when they can execute the following strategic tasks:
- People: Collaborate with leads to understand our customer's compliance requests and necessary gaps to address
- Organization: Ability to manage multiple parallel efforts and prioritize resources based upon understanding and interpreting business needs.
- Communication: Successfully communicate your recommendations and rationale to both technical and non-technical management
- Research: Gather and analyze feedback from internal stakeholders and develop pragmatic recommendations with respect to compliance initiatives
- Customer Service: Ensure MongoDB’s Compliance Program operates efficiently with minimal interruption to MongoDB teams. Provide great customer service when interfacing with other MongoDB Teams
*MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.*