MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data. We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI. Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure. Atlas allows customers to build and run applications anywhere—on premises, or across cloud providers. With offices worldwide and over 175,000 new developers signing up to use MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.

The MongoDB Security team is looking for a Public Sector Compliance Analyst. This role will report to the Public Sector Program Manager and will support our internal Governance, Risk, and Compliance program to help scale MongoDB Inc. to support our customer’s needs. This role will be responsible for assessing, documenting, and monitoring risk and compliance for MongoDB product offerings.

MongoDB aligns its practices to multiple compliance frameworks in order to support our customer’s needs. As we continue to grow, MongoDB is expanding to support more public sector compliance frameworks. This role will support MongoDB’s public sector compliance team in several key areas. This includes communicating compliance requirements to internal stakeholders, gathering system and organizational information, and using that to maintain documentation and complete deliverables. The role will also provide general administrative support. This includes preparing data for analyses and reports, arranging meetings, and documenting meeting minutes and action items. These efforts enable the continuous growth of the Governance, Risk, and Compliance Program.

MongoDB is a breakthrough company that is disrupting a $40B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and eager to learn.

Responsibilities

• Assist with ongoing public sector compliance maintenance for a leading Database as a Service (DBaaS) compliance team
• Support assessment activities as required by potential sponsors, 3PAO, or the PMO to maintain compliance certifications
• Monitor internal compliance against information security governance frameworks by participating in third party assessments, internal control reviews, and gap assessments
• Identify and communicate control gaps, evaluate action plans and milestones, and provide ongoing monitoring through remediation
• Develop, review, and maintain policies, processes, and procedures for MongoDB’s Governance, Risk, and Compliance Program
• Develop, review, and maintain customer facing documentation (e.g. CIS, CRM)
• Support continuous monitoring activities to maintain compliance certifications (e.g. annual assessments, significant changes, vulnerability management, and incident reporting)  
• Work cross-functionally with organizational stakeholders to provide guidance on the effectiveness of security controls
• Support audit readiness by engaging with internal stakeholders, providing guidance on compliance requirements, and preparing them for assessment interviews
• Assist with building reports, dashboards, and presentations for various audiences (e.g. executive level, business unit level, department level, and customers)
• Communicate recommendations for optimizing business operations to meet internal and external compliance goals
• Leverage ticketing systems to document and track assignments to completion

Qualifications

• Be a US Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee)
• Bachelor’s degree in a technical field or equivalent professional experience
• Experience conducting major security and compliance audits including ISO27001, HIPAA, PCI, and SOC2
• Hands-on experience assessing, implementing, and documenting security controls in cloud environments
• Strong understanding of cloud security, compliance, risk management, and information security principles
• Exceptional skills in analysis, diagnostics, and critical thinking
• Proven ability to collaborate proactively with internal teams and external customers
• Strong verbal, written, and interpersonal communication skills for both technical and non-technical audiences
• Effective communication of progress, concerns, and escalations to managers and stakeholders in a timely manner
• Demonstrated ability to work independently and take ownership of tasks with minimal supervision
• Resourcefulness in utilizing publicly available and internal resources to complete assignments
• Proficiency in Microsoft Office (Word, Excel, PowerPoint) and Google Workspace (Docs, Sheets, Slides)

Desired Qualifications

• Specific knowledge of compliance requirements and technical assessments for FedRAMP, NIST 800-53, and NIST 800-171 or other highly regulated security standards
• Basic understanding of vulnerability management practices and continuous monitoring documentation (e.g. POA&M, Inventory Workbook, Deviation Request Form)
• Experience reviewing and editing SSPs, IRPs, ISCPs, and other FedRAMP related documentation
• CCSP, CISA, CGRC, and similar certifications are a plus

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.