Security Engineer, Detection & Response

New York City

MongoDB logo
Apply now Apply later

Posted 2 weeks ago

The database market is massive (the IDC estimates it to be $89B+ by 2024!) and MongoDB is at the head of its disruption. The MongoDB community is transforming industries and empowering developers to build amazing apps that people use every day. We are the leading modern data platform and the first database provider to IPO in over 20 years. Join our team and be at the forefront of innovation and creativity.

MongoDB is seeking a passionate and experienced Information Security Engineer to help establish and expand MongoDB’s Detection and Response / Incident Response Program and assist in general Information Security needs.

This is a unique opportunity to be a key member of our Security Team. The MongoDB Security Team is responsible for the Information Security Program for MongoDB Inc; helping to reduce risk in our systems and company, and to help establish trust in our product offerings and cloud services.

Your focus will be on Detection and Response; understanding where our risks are, where we need to build to collect and process signals and how to use that information for effective Detection and Response. This is a critically important role to help scale out the Information Security Program for a breakthrough company that is reinventing an $89B market. This position has significant growth potential, and we’re looking for someone who is excited to take initiative and help lead. This position is based out of our New York City Headquarters.

Candidate Profile

The right candidate for this role will have

  • 3+ years of professional experience in detection and response or incident response fields
  • Hands-on experience writing your own tools and modifying others, in order to automate and integrate systems
  • Hands-on experience building content (dashboards, alerts and reports) in a SIEM, e.g., Splunk
  • A detailed understanding of the following:
  • Linux Systems security and Web application security, from a detection standpoint
  • Current threat intelligence and modern attacker exploit/persistence techniques and how to use that information for threat modeling to drive prioritization
  • Malware and malware analysis
  • Networking protocols
  • An entrepreneurial spirit; you enjoy challenges across broad range of subject areas
  • Experience collaborating closely with technical and non-technical persons on Information Security Topics
  • Experience with User Behavior Analytics (UBA) and/or SOAR (Security Orchestration, Automation, and Response) tools

Position Expectations

  • Assist the lead to drive Detection and Response needs across the organization.
  • Continually evaluate the current detection and response posture; work with engineering leadership for rolling out additional capabilities
  • Build and automate necessary integrations to pipe data from its location to a centralized logging platform
  • Create actionable alerts based upon Security Events
  • Participate in weekly on-call rotations
  • Help configure and maintain information security D&R tools
  • Research and lead security projects
  • Create or improve D&R processes and/or procedures
  • Assist in instrumenting our applications, systems and networks for effective detection
  • Educate Engineers and Executives on the importance of Detection and Response capabilities
  • Work Cross functionally with multiple teams on establishing new processes and improving existing
  • Ability to quickly learn new Information Security concepts and adapt to a modern, fast-paced organization
  • Advocate for the importance of Information Security policies and simplify efforts to verify internal adherence

Success Measures

The Information Security Engineer will be successful in this role when they can execute the following strategic tasks:

  • People: Collaborate and design detection and response systems with fellow engineers in various other groups
  • Organization: Ability to manage multiple parallel efforts and prioritize resources based upon understanding and interpreting business needs
  • Communication: Successfully communicate your recommendations and rationale to both technical and non-technical management
  • Research: Research modern approaches to detection and response processes, tooling and techniques. Gather and analyze feedback from internal stakeholders
  • Customer Service: Ensure MongoDB’s Detection and Response program and controls are pragmatic for our internal partners. Provide great customer service when collaborating with other MongoDB Teams

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Job tags: Analytics Automation Incident response Linux Malware SIEM Splunk Threat intelligence
Share this job: