MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data.
We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI.
Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure.
Atlas allows customers to build and run applications anywhere—on premises, or across cloud providers.
With offices worldwide and over 175,000 new developers signing up to use MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.
The MongoDB Information Security team is seeking a motivated Information Security Analyst to join us.
The ideal candidate will have a vast background in security, including but not limited to, experience in corporate environments, incident response, systems, applications, and an understanding of cloud environments.
This is an exciting opportunity to be a key member of our Information Security Operations team.
We are an end-to-end Security Operations team.
You will be responsible for solving technical and administrative problems, reducing risk, and building trust.
You will also be responsible for maintaining security solutions, tooling, alerting, and automation workflows.
The team aims to seek challenges, analyze alerts, and establish trust across the team and greater org.
This role would ideally be in the CST or MST time zone.
We are looking for someone with the following skills:
- Displayed experience in security operations, incident response, and threat hunting disciplines
- Practical knowledge of common threats and exposures to web applications and services
- Experience with detection / incident tooling or automation workflow optimization
- Proficient in cloud ecosystems, including tools, technologies, and how to secure them
- Proven experience in operating & maintaining SIEM, SOAR, and EDR; developing queries and alerts
- Accustomed to performing investigations and analysis, and communicating the events or incidents to proper stakeholders clearly
- Experience deploying tooling to advance investigation tactics and incident response across different environments, i.e., corporate environments and cloud environments
- A strong understanding of macOS, Linux, and Windows security
- Love to learn; you are motivated to learn about security and tinkering
- Experience interfacing with technical and non-technical individuals. Ability to adjust the level of technicality depending on the audience
- GIAC, CEH, GSOC certificates

Position expectations:
- Drive maturity of Operations by suggesting overall improvements, i.e., playbooks, detections, automations, and gaps critical in working with other teams and departments
- Strong understanding of FedRAMP security alerts
- Leverage and maintain automation workflows, and enrich discoveries and detections
- Utilize analysis frameworks (i.e., MITRE) to better understand gaps, and work towards closing those gaps
- Displayed experience in responding to FedRAMP security alerts
- Maintain, improve, and configure Information Security Operations tooling and alerts
- Develop and maintain well-written documentation and playbooks
- Work cross-functionally with multiple teams deploying tooling, establishing new processes, or improving existing processes
- Ability to quickly learn new Information Security concepts and adapt to a modern, fast-paced organization
- Mentor and train others on the team to level up. We will all grow together
- Participate in weekly on-call rotations

Special requirements:
Be a US Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, or asylum seeker with appropriate documentation)