
Senior Product Security Engineer, Server
The MongoDB Product Security organization is looking for a Senior Product Security Engineer to strengthen the core database products, with responsibility for the MongoDB Database Server (Community and Enterprise editions). The multidisciplinary team works with software engineers to design, implement, and operate systems in a manner that protects customer data, covering product, software, cloud, infrastructure, and operational security. The role can be based out of the Dublin office or remotely in Ireland.
Responsibilities
- ▹Take ownership, define strategy, and drive improvement for parts of the program such as fuzzing, threat modeling, secrets management, or container security
- ▹Advocate for and lead complex security projects from inception through completion
- ▹Drive architecture, patterns, and processes across Server Engineering that make security the easiest path
- ▹Partner closely with engineering teams to design and implement security controls across software and systems
- ▹Research and proof-of-concept new attacks against MongoDB systems
- ▹Plan and perform product security assessments including architecture review, threat modeling, code review, pen testing, and general security consulting
- ▹Serve as a security subject matter expert for software security and architecture
- ▹Educate the engineering organization on security through CTFs, lunch-and-learns, and one-on-one mentorship
Requirements
- ▹7+ years of experience in application security, software security, or product security
- ▹Proven experience in C++ programming, performing security assessments on low-level codebases, and implementing remediation strategies for memory-related security flaws such as buffer overflows and memory leaks
- ▹Programming experience and ability to contribute code back to the environments
- ▹Strong track record of partnering with software engineers: leading threat models, performing security design reviews, and forming pragmatic security recommendations
- ▹Demonstrated ownership of security initiatives, with the ability to deliver results autonomously or collaboratively
- ▹Ability to work flexible hours occasionally to collaborate with US-based colleagues
Nice to have
- ▹Subject matter expertise in database security or data security
- ▹Knowledge of database engines, database internals, or applied cryptography
- ▹Experience contributing to or partnering with security researchers to identify vulnerabilities published as CVEs, or administrative responsibilities of a CNA
Soft skills
What we offer
- ▹Employee affinity groups
- ▹Fertility assistance
- ▹Generous parental leave policy
- ▹Option to work remotely in Ireland
About the company
MongoDB is built for change, empowering customers and employees to innovate at the speed of the market. Its unified data platform helps organizations modernize legacy workloads and unleash AI. The cloud-native MongoDB Atlas is the only globally distributed, multi-cloud data platform, available across AWS, Google Cloud, and Microsoft Azure, with over 67,000 customers including 75% of the Fortune 100. MongoDB has a diverse, inclusive, equitable, and high-performing environment and is an equal opportunities employer.