Senior Detection and Response Security Engineer

New York City Remote North America

Full Time Senior-level / Expert

Posted 1 month ago

The database market is massive (IDC estimates it to be $106B+ by 2024!) and MongoDB is at the head of its disruption. The MongoDB community is transforming industries and empowering developers to build amazing apps that people use every day. We are the leading modern data platform and the first database provider to IPO in over 20 years. Join our team and be at the forefront of innovation and creativity.

Team Description

MongoDB is seeking a passionate and experienced Information Security Engineer to help establish and expand MongoDB’s Detection and Response / Incident Response (IR) Program and assist in general Information Security needs.

This is an exciting opportunity to be a key member of our Security Team. The MongoDB Security Team is responsible for the Information Security Program for MongoDB Inc., helping to reduce risk in our systems and company and to establish trust in our product offerings and cloud services.

Your focus will be on Detection and Response; understanding where our risks are, where we need to build to acquire and process signals and how to use that information for effective Detection and Response. This is a critically important role to help scale out the Information Security Program for a breakthrough company that is reinventing a $45B market. This position has significant growth potential, and we’re looking for someone who is excited to take initiative and help lead. This position is based out of our New York City Headquarters.

Candidate Profile

The right candidate for this role will have

  • Proficiency in detection and response or incident response disciplines, with 3+ years of experience
  • Hands-on experience operating a SIEM (e.g., Splunk) following IR procedures
  • Detailed knowledge of Linux Systems security and Web application security, from a detection standpoint
  • A detailed understanding of how malware works and the ability to analyze malware
  • A good grasp of current threat intelligence and modern attacker exploit and persistence techniques
  • A solid background in CIS benchmarks and how to create customized security baselines
  • Hands-on experience of performing security reviews on cloud (SaaS) applications
  • An entrepreneurial spirit; you enjoy challenges across a broad range of disciplines
  • Experience collaborating closely with technical and non-technical persons on Information Security Topics

Position Expectations

  • Assist the lead to drive Detection and Response needs across the organization.
  • Continually evaluate the current detection and response posture; work with engineering leadership for rolling out additional capabilities
  • Build and automate necessary integrations to pipe data from its location to a centralized logging platform
  • Create actionable alerts based upon Security Events
  • Participate in weekly on-call rotations
  • Help configure and maintain information security D&R tools
  • Research and lead security projects
  • Create or improve D&R processes and/or procedures
  • Assist in instrumenting our applications, systems and networks for effective detection
  • Educate Engineers and Executives on the importance of Detection and Response capabilities
  • Work cross-functionally with multiple teams on establishing new processes and improving existing ones
  • Ability to quickly learn new Information Security concepts and adapt to a modern, fast-paced organization
  • Advocate for the importance of Information Security policies and simplify efforts to verify internal adherence

Success Measures

The Information Security Engineer will be successful in this role when they can execute the following strategic tasks:

  • People: Collaborate and design detection and response systems with fellow engineers across the organization
  • Organization: Ability to manage multiple parallel efforts and prioritize resources based upon understanding and interpreting business needs.
  • Communication: Successfully communicate your recommendations and rationale to both technical and non-technical management.
  • Research: Research modern approaches to detection and response processes, tooling and techniques. Gather and analyze feedback from internal stakeholders.
  • Customer Service: Ensure MongoDB’s Detection and Response program and controls are pragmatic for our internal stakeholders. Provide great customer service when engaging with other MongoDB Teams.

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Job tags: Incident response Linux Malware SaaS SIEM Splunk Threat intelligence
Job region(s): North America Remote/Anywhere