Technical Compliance Program Senior Manager (FedRAMP Specialist) at MongoDB
MongoDB is seeking an experienced Technical Compliance Senior Program Manager to lead and help build out MongoDB’s governance, risk and compliance program, with a particular specialization in the successful implementation, management and maintenance of a FedRAMP program.
MongoDB aligns its practices to multiple compliance frameworks in order to support our customers’ needs. As we continue to grow, MongoDB is expanding to support more compliance frameworks. The Technical Compliance Senior Program Manager will lead compliance efforts involving assessments with external auditors, perform gap analysis activities, inform internal stakeholders of their compliance requirements, conduct information risk assessments and assist in responding to customer requests for compliance and information security.
The Technical Compliance Senior Program Manager must be experienced in performing technical audits in several IT security-related frameworks (e.g. PCI DSS, FedRAMP, NIST SP 800-53) and have a clear understanding of technical IT security controls. The role’s first focus will be to help establish and implement our FedRAMP Moderate control baseline.
This is a critically important role and a great opportunity to build out an internal compliance program and help scale MongoDB Inc. to support our customers’ needs. MongoDB is a breakthrough company that is disrupting a $40B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and help lead. This position is based out of our New York City Headquarters, but we are also supportive of a remote position.
The right candidate for this role will have:
- Technical understanding of IT Security Controls; experience with Security and/or IT audit and/or consulting is necessary.
- Must have at least 3 years of experience with FedRAMP.
- Experience with NIST 800-53 and/or related compliance frameworks such as PCI, ISO 27001, SOC 2 and HIPAA.
- The ability to work in a fast-paced tech environment, managing multiple large scale projects simultaneously.
- Ability to communicate clearly to various levels of management (including executive management), across various business functions (including engineering).
- Minimum 7 years of experience leading and conducting technical assessments to support compliance efforts.
- Bachelor’s degree in Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant field.
- A strong understanding of Cloud Environments, Linux and Windows systems.
- Previous experience working for a 3PAO, Federal Agency or CSP with an ATO is preferred.
- CCSP, PCI QSA, CISSP, CISA certifications welcome but not required.
- An enthusiastic spirit: you enjoy challenges across a broad range of disciplines.
- Experience interfacing with technical and non-technical persons on Governance, Risk, Compliance and Security Topics.
- Position is based in New York City office but open to remote candidates.
Responsibilities:
- Manage various relationships both internally and externally regarding our FedRAMP compliance project.
- Interface with MongoDB product managers to drive compliance requirements, in particular our FedRAMP compliance requirements.
- Act as a key point of contact for internal and external audit engagements, interfacing with external auditors.
- Manage and perform periodic internal audits, as needed.
- Manage and help grow a governance, risk and compliance team.
- Develop and deliver Technical Compliance Training.
- Own and respond to customer compliance and information security requests.
- Develop metrics to measure the performance of the MongoDB compliance program.
- Define roadmaps and necessary capabilities for future compliance needs.
- Be a subject matter expert on Compliance Efforts for MongoDB Inc.
- Assist in adjusting existing relevant policies to align company objectives with compliance needs.
The Technical Compliance Senior Program Manager will be successful in this role when they can execute the following strategic tasks:
- People: Collaborate with leads to understand our customers’ compliance requests and the gaps that need to be addressed, and help grow the governance, risk and compliance team.
- Organization: Ability to manage multiple parallel efforts and prioritize resources based upon understanding and interpreting business needs.
- Communication: Successfully communicate your recommendations and rationale to both technical and non-technical management.
- Research: Gather and analyze feedback from internal stakeholders and develop pragmatic recommendations with respect to compliance initiatives.
- Customer Service: Ensure MongoDB’s Governance, Risk and Compliance Program operates efficiently with minimal interruption to MongoDB teams. Provide great customer service when interfacing with other MongoDB teams.
*MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.*