Staff Technical Program Manager, Security

Summary

Join MongoDB as a Staff Technical Program Manager, Security and drive impactful security assessment initiatives. You will enhance the trust and security posture of our products, focusing on strategic alignment and data-driven decision-making. This role bridges security strategy and execution, optimizing workflows and ensuring teams deliver impactful results. You will collaborate with engineers, product teams, and leadership, and communicate security progress and risks to stakeholders. This position can be based in New York City, Seattle, or remotely in the US. MongoDB offers a supportive and enriching culture with various benefits.

Requirements

• Experienced in managing technical projects or programs while collaborating with Security Engineering, developers, and various engineers, employing different project management techniques and business analysis to ultimately link technical execution to business outcomes
• Experienced with 8+ years working in a technical capacity and/or in a project or program management role within the security domain
• Experienced with 5+ years working with security vendors specific to security assessments and penetration testing in large-scale SaaS and software development environments
• Capable of deep user empathy and adept at balancing product goals and engineering constraints to deliver impactful experiences
• Experienced in creating scalable and modern engagement models between security engineering and engineering teams for finding assessment and remediation
• Able to maintain a strategic view of our software engineering processes even while supporting and optimizing the operations of the team
• Skilled at communicating with a diverse set of engineers and leadership stakeholders
• Hyper-organized and capable of juggling all of the data associated with projects and task-tracking
• Knowledgeable of agile methodologies and experienced with implementing project management best practices
• Driven by an attuned sense of priority and urgency to ship features and achieve the right business outcomes
• Trained in working with project tracking software (e.g. JIRA, Rally, MS Project, Trello)
• Interested in learning everything about MongoDB

Responsibilities

• Efficiently and effectively manage security assessment & penetration testing engagements with external vendors and internal stakeholders
• Execute and improve the processes and tools that inform the daily life of engineering teams specific to the security domain in areas such as vulnerability assessment and remediation
• Drive coordination between product development teams and internal stakeholders to prioritize the most impactful internal and external security assessment engagements
• Identify risks to the team's delivery, and mitigate them where possible
• Partner with security, product, and engineering leaders to define measures that demonstrate the security health of team’s products and services
• Know when a project/team requires more hands-on management and know when it is time to operationalize and develop a process framework for the project and/or team(s)
• Promote a culture of continuous improvement by conducting retrospectives to help identify areas of growth and learning within and across teams
• Recognize patterns in a sea of information and take action accordingly
• Expand knowledge into new domains by consistently working to gain the requisite technical knowledge required to skillfully manage the complexities, dependencies, and risks associated with engineering projects
• Conduct deep business analysis to understand security risks, trade-offs, and investment areas that improve customer trust and improve our security posture
• Develop data-backed insights to inform security roadmaps and decision-making, leveraging analytics, customer feedback, and other relevant data
• Establish and track trust metrics that demonstrate the ROI of security initiatives to executive stakeholders
• Develop and deliver security updates, risk assessments, and trust metrics to stakeholders
• Provide regular reports on security program effectiveness, key risk areas, and strategic recommendations to drive informed decision-making
• Act as a trusted advisor to leadership, ensuring security remains a top priority and is effectively integrated into company-wide initiatives

Preferred Qualifications

• A background in Business Analysis and Enterprise Architecture
• Have worked in large scale B2B SaaS technology companies
• Experience working with organizations that have or maintain open source or source available products along with closed source enterprise offerings
• Inspired to innovate in areas where automation can replace manual work. The team works primarily with JIRA and Google Docs, so programming proficiency with either or both tools is a plus

Benefits

• Flexible paid time off
• 20 weeks fully-paid gender-neutral parental leave
• Fertility and adoption assistance
• 401(k) plan
• Mental health counseling
• Access to transgender-inclusive health insurance coverage
• Health benefits offerings
• Equity
• Participation in the employee stock purchase program