Staff Security Engineer, Developer Productivity

Posted 2024-07-11

💎 Seniority level: Staff, 8+ years

🔍 Industry: Software Development

🗣️ Languages: English

⏳ Experience: 8+ years

🪄 Skills: DockerPythonSoftware DevelopmentCybersecurityJavaKubernetesC++GoRustC (Programming language)

8+ years of experience with application security testing and analysis tools.
Relevant software development experience with knowledge of how software is built.
Subject matter expertise in all phases of the software development lifecycle.
Domain expertise in software and security best practices.
Experience with threat modeling, risk analysis, and control design.
Advanced understanding of vulnerability exploitation and remediation.
Experience with languages such as C++, C, Rust, Go, Python, Java.
Familiarity with cloud-native development pipelines and tooling (Docker, Kubernetes).
Ability to work autonomously and create solutions independently.
Ability to work collaboratively across teams.

Collaborate with MongoDB Infosec and application security teams to create a threat matrix for SDLC processes.
Provide architectural guidance and implement security tooling across developer pipelines and services.
Drive SDLC compliance with engineering efforts and automation of processes.
Engage in security investigations for emerging threats.
Develop strategies to enhance SDLC security posture using red team and pen test activities.
Act as a technical authority aligned with MongoDB’s security initiatives.
Stay updated on software security industry trends.
Work with Legal, Privacy and Internal Audit for compliance.

Posted 2024-07-11

🧭 Full-Time

💸 137000 - 270000 USD per year

🔍 Database and Developer Tools

8+ years of experience with application security testing and analysis tools.
Relevant software development experience to understand how software is designed and built.
Expertise in the software development lifecycle and supply chain.
Experience with threat modeling, risk analysis, and control design.
Advanced understanding of vulnerability exploitation and remediation.
Familiarity with programming languages such as C++, C, Rust, Go, Python, Java.
Experience with cloud native development pipelines and tools like Docker and Kubernetes.
Ability to work independently and identify solutions.
Demonstrated collaborative skills with senior engineering leaders.

Collaborate with MongoDB Infosec and application security teams to create a threat matrix focused on SDLC processes.
Provide architectural guidance and implement security tooling and controls across developer pipelines.
Drive SDLC compliance through implementation and automation of controls.
Work with engineering teams to build scalable security solutions.
Engage in security investigations and analyze emerging threats.
Develop strategies to enhance SDLC security posture.
Serve as a technical authority and manage large-scale security projects.
Stay updated on software security trends and compliance requirements.
Collaborate with Legal, Privacy, and Internal Audit for compliance.

DockerPythonSoftware DevelopmentCybersecurityJavaKubernetesProduct DevelopmentGoRustC (Programming language)

Posted 2024-07-11

🔧 Requirements