Compliance Program Manager

The database market is massive (IDC estimates it to be $121B+ by 2025!) and MongoDB is at the head of its disruption. At MongoDB we are transforming industries and empowering developers to build amazing apps that people use every day. We are the leading modern data platform and the first database provider to IPO in over 20 years. Join our team and be at the forefront of innovation and creativity.

MongoDB is seeking an experienced Compliance professional to help build and maintain customer trust, whilst leading and building out MongoDB’s compliance program in support of our sales cycle.

MongoDB aligns its practices to multiple compliance frameworks in order to support our customer’s needs. As we continue to grow, MongoDB is expanding to support more security and compliance requests from both prospective and existing customers.These requests may align both to industry frameworks and internal customer security control frameworks. 

The Compliance Program Manager will be a compliance generalist when it comes to the world of information security controls and programs.  This includes leading customer related compliance efforts involving enhanced due diligence reviews, supporting external certification audits and performing internal compliance controls and business as usual activities.

The Compliance Program Manager should be experienced in performing or responding to (technical) audits in several Information Security Related frameworks (i.e. SOC2, ISO27001, PCI, HIPAA/HITRUST) and has a clear understanding of technical Cloud Security Controls.

This is a critically important role and a great opportunity to build out an internal compliance program and help scale MongoDB Inc. to support our customer’s needs. MongoDB is a breakthrough company that is disrupting a $68B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and help lead. This position is based out of our New York City Headquarters (potential for remote role).

Candidate Profile

The right candidate for this role will have:

• Ability to communicate clearly to mixed audiences with a varied understanding of Cloud technologies, compliance and security controls (including internal Sales, Product and engineering teams)
• Technical understanding of Information and Cloud Security Controls; experience with audit consulting is beneficial
• Previous experience and/or familiarity with SOC2, ISO27001, HIPAA, PCI and/or related information security frameworks
• The ability to work in a fast-paced tech environment, managing multiple large scale projects simultaneously
• Minimum 5 years experience of performing or leading customer audits, and technical assessments to support compliance efforts
• Bachelor’s degree in Finance, Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant field
• A strong understanding of audit process, methodology, standards and terminology
• A foundational understanding of Cloud Environments and Linux systems
• CISA, CISSP, CRISC, AWS Solutions Architect, ISO27001 Lead Auditor or Implementor certifications welcome but not required
• An entrepreneurial spirit -- you enjoy challenges across broad range of disciplines
• Experience interfacing with technical and non-technical persons on compliance and security topics
• Position is based in New York City office but open to remote candidates

Position Expectations 

• Interface with (prospective) customers and our Security Assurance teams to facilitate enhanced due diligence reviews and customer audits
• Interface with MongoDB product managers to drive compliance requirements and prioritize remediation efforts
• Interface with MongoDB legal team (commercial and product) as required to respond to customer requests at contract signing
• Support periodic internal audits, as needed
• Own and respond to customer compliance and security information requests
• Perform internal compliance and governance controls and other business as usual efforts
• Be the subject matter expert on customer compliance efforts for MongoDB Inc.

Success Measures

The Compliance Program Manager will be successful in this role when they can execute the following strategic tasks: 

• People: Collaborate with leads to understand our customer's compliance requests and necessary gaps to address
• Organization: Ability to manage multiple parallel efforts and prioritize resources based upon understanding and interpreting business needs.
• Communication:  Successfully communicate your recommendations and rationale to both technical and non-technical management
• Research: Gather and analyze feedback from internal stakeholders and develop pragmatic recommendations with respect to compliance initiatives
• Customer Service: Ensure MongoDB’s Compliance Program operates efficiently with minimal interruption to MongoDB teams. Provide great customer service when interfacing with other MongoDB Teams

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.