Information Security Engineer, Detection and Response

New York City

Posted 3 weeks ago

MongoDB is seeking a passionate and experienced Information Security Engineer to help expand MongoDB’s Detection and Response (D&R) / Incident Response Program and assist in general Information Security needs.

This is an exciting opportunity to be a key member of our Security Team. The MongoDB Security Team is responsible for the Information Security Program for MongoDB Inc., helping to reduce risk in our systems and company and to establish trust in our product offerings and cloud services.

Your focus will be on Detection and Response: understanding where our risks are, where we need to build in order to obtain and process signals, and how to use that information for effective Detection of potential security concerns and Response to such events. In addition, your role will involve assisting the team with general Information Security tasks that are asked of us, including architecture assessments, vulnerability remediation and related tasks. This is a critically important role to help scale out the Information Security Program for a breakthrough company that is disrupting a $45B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and help lead. This position is based out of our New York City Headquarters.

The right candidate for this role will have

  • An understanding of core Information Security fundamentals and 2+ years of experience operating in an environment with some responsibility and ownership of security-related efforts
  • A background in detection and response or incident response disciplines
  • Hands-on experience automating security-related tools to assist with deployments at scale
  • A fundamental understanding of Linux and/or Windows Systems security and Web application security, from a detection standpoint
  • An understanding of how malware works and the ability to analyze malware
  • A good grasp of current threat intelligence and modern attacker exploit and persistence techniques
  • A firm understanding of networking protocols
  • An entrepreneurial spirit; you enjoy challenges across a broad range of disciplines
  • Experience interfacing with technical and non-technical persons on Information Security Topics. Experience delivering security-related training is a plus

Position Expectations

  • Work directly with MongoDB’s D&R lead to advance D&R program initiatives, such as log engineering and management, use-case / alerting development and tuning, playbook development, incident response and related
  • Continually evaluate the current detection and response posture; work with engineering leadership for rolling out additional capabilities
  • Build and automate necessary integrations to pipe data from its location to a centralized logging platform
  • Create actionable alerts based upon Security Events
  • Assist in instrumenting our applications, systems and networks for effective detection; deploy, configure and maintain new tools as needed
  • Educate Engineers and Executives on the importance of Detection and Response capabilities
  • Work cross-functionally with multiple teams on establishing new processes and improving existing ones
  • Ability to quickly learn new Information Security concepts and adapt to a modern, fast-paced organization
  • Advocate for the importance of Information Security policies and simplify efforts to verify internal adherence
  • Review compliance and regulatory requirements (e.g., FedRAMP, PCI DSS) and assist in accomplishing required tasks to ensure the D&R program is in compliance

Success Measures

The Information Security Engineer will be successful in this role when they can execute the following strategic tasks: 

  • People: Collaborate and design detection and response systems with fellow engineers in various departments
  • Organization: Ability to manage multiple parallel efforts and prioritize resources based upon understanding and interpreting business needs
  • Communication: Successfully communicate your recommendations and rationale to both technical and non-technical management
  • Research: Research modern approaches to detection and response processes, tooling and techniques. Gather and analyze feedback from internal stakeholders
  • Customer Service: Ensure MongoDB’s Detection and Response program and controls are pragmatic for our internal stakeholders. Provide great customer service when interfacing with other MongoDB Teams

*MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.*
