Program Manager, Governance, Risk, and Compliance
The database market is massive (the IDC estimates it to be $153B+ by 2027!) and MongoDB is at the head of its disruption. The MongoDB community is transforming industries and empowering developers to build amazing apps that people use every day. We are the leading modern data platform and the first database provider to IPO in over 20 years. Join our team and be at the forefront of innovation and creativity.
The MongoDB security team is looking for a Program Manager - Governance, Risk, and Compliance. This role will be responsible for analyzing, documenting and monitoring risk and compliance posture across our existing program.
MongoDB aligns its practices to multiple compliance frameworks in order to support our customer’s needs. The Program Manager - Governance, Risk, and Compliance role will provide support for MongoDB’s compliance team by creating and maintaining comprehensive public sector compliance documentation, arranging meetings, liaising with internal stakeholders to communicate compliance requirements and gather feedback, preparing data for further analysis and reporting, tracking meeting minutes and actions and providing general administrative support to enable continuous growth of the Governance, Risk and Compliance Program.
The ideal Program Manager - Governance, Risk, and Compliance candidate should have demonstrated experience with documents and data handling, proven general administration, be familiar with change management enabling organizations to improve and/or establish efficient and effective processes and drive forward change. Familiarity with compliance programs or technical audits in public sector Information Security related frameworks (i.e. NIST 800-53, NIST 800-171, etc.) is a plus.
This role will support building out an internal compliance program and help scale MongoDB Inc. to support our customer’s needs. MongoDB is a breakthrough company that is disrupting a $40B market. This position has significant growth potential and we’re looking for someone who is excited to take initiative and eager to learn.
Responsibilities- Assist with the development of the annual roadmap, including communicating timelines, managing dependencies, and coordinating resource requirements.
- Manage program timelines and proactively communicate obstacles that may impact milestones and key delivery dates.
- Facilitate productive meetings by developing goal-oriented agendas, documenting meeting minutes, and following up on action items in a timely manner.
- Lead engagements with external auditors by scheduling meetings, drafting relevant communications, and reporting on assessment results.
- Support assessment activities to achieve and/or maintain compliance certifications or evaluate the system for potential sponsors, 3PAO and PMO.
- Plan, schedule, and perform internal gap analyses and maturity assessments.
- Manage findings and coordinate remediation efforts for both internal and external audits.
- Analyze program data to develop informative presentations for communicating performance metrics to Governance, Risk, and Compliance stakeholders.
- Utilize ticketing systems and workflows to monitor internal Governance, Risk, and Compliance activities to maintain project timelines and objectives.
- Develop, update, and maintain documentation for MongoDB’s public sector cloud customers.
Qualifications
- Bachelor's degree or equivalent practical experience.
- Possess a practical understanding of cloud security compliance, risk management, information security principles, including a working knowledge of cloud controls and environments.
- Experience with security and major compliance standards such as ISO 27001, SOC 2, PCI NIST 800-53
- Possess extensive experience in internal governance, risk, and compliance functions, along with a deep understanding of policies, procedures, and governance frameworks within highly regulated industries
- Practical experience performing gap analysis, maturity assessments, and risk assessments.
- Experience managing projects and work streams at the enterprise level.
- Experience implementing compliance technology and associated tools.
- Ability to engage organizational levels simultaneously, leading to solutions/sustainable programs.
- Knowledge of compliance and regulatory processes, including aligning policies to regulatory and business requirements.
- Demonstrate an exceptional level of attention to detail coupled with strong organizational skills.
- Possess strong presentation building, communication, analytical, diagnostic, and critical thinking skills.
- Excellent verbal, written and interpersonal communication skills with both technical and non-technical audiences
- Demonstrate an adept skill in navigating uncertainties and formulating clear plan of actions
- Take proactive ownership of tasks and autonomously drive them to successful completion
Preferred Qualifications
- Experience with FedRAMP, NIST 800-53, and NIST 800-171,
- Experience working with Jira
- Experience reviewing and editing SSPs, IRPs, ISCPs, and other FedRAMP related documentation
- Project management experience including:
- process, metrics and dashboard reporting,
- drafting communications,
- drafting meeting minutes,
- rollout of information security training and awareness program
- project management support and reporting
- An understanding of the common and fundamental project management processes e.g. scoping, planning, risk management, change control, communication etc.
To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!
MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.
MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
MongoDB’s base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location. Salary is one part of MongoDB’s total compensation and benefits package. Other benefits for eligible employees may include: equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings. Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates.
MongoDB’s base salary range for this role in the U.S. is:$85,000—$167,000 USD