Staff Product Security Engineer, Cloud Security

MongoDB is seeking a Staff Product Security Engineer to lead cloud security initiatives for MongoDB Atlas and the cloud platforms that power it across AWS, GCP, and Azure. You’ll be a senior individual contributor in the MongoDB Product Security organization, a diverse team responsible for the security of all customer‑facing products, including Atlas, self‑managed/server, and a broad ecosystem of related services and tools.Within Product Security, the Cloud Security team focuses specifically on Atlas control plane and data plane environments and the underlying cloud platforms, partnering closely with Atlas engineering, SRE, other security engineering teams, and global security operations to build and defend secure‑by‑default, large‑scale, multi‑tenant cloud services.We are looking to speak to candidates who are based in New York City.Requirements~10+ years of experience in application, product, and/or cloud security for large-scale, customer-facing systemsDeep hands-on expertise with cloud security architecture across AWS, GCP, and Azure, with experience across:VPC/networking (segmentation, egress controls, private connectivity)IAM (roles, policies, workload identity, cross-account access)Keys and secrets (KMS, HSMs, secret management systems)Container/orchestration security (e.g., Kubernetes, ECS, serverless)Multi-tenant control planes and blast-radius reduction patternsStrong track record leading complex security programs from definition through rollout and measurable impactAbility to read and reason about code in languages like Go and Java or similar, and familiarity with IaC (e.g., Terraform/CloudFormation), CI/CD, and security automation toolingExperience assessing and securing modern AI and ML-powered features in cloud environments, including data protection, model and prompt abuse, and responsible use of third-party AI servicesExcellent written and verbal communication skills; you can explain complex risks and trade-offs to technical and non-technical audiences and influence without direct authorityIn this role you will…In this Staff Product Security Engineer role, you will:Own and lead Atlas cloud security initiatives such as control plane hardening, cloud security baselines, IAM and customer account protection, and data-plane protections for multi-tenant environmentsTranslate risk and product roadmap goals into measurable workstreams, defining problem statements, requirements, success metrics, and delivery plans that align with Atlas engineering and SRE prioritiesDesign and review large-scale cloud architectures, including networking, identity, secrets management, and service-to-service access, and define secure reference architectures that can be reused across Atlas teamsEmbed security into platforms and guardrails by partnering with security engineering and platform teams to implement policies and automation that make secure-by-default behavior the easiest path for developersLeverage CSPM, infrastructure vulnerability data, and IaC scanning to drive concrete, prioritized hardening work in Atlas environments, with clear coverage and posture metricsLead assessments for Atlas features and platform changes, including design reviews, threat modeling, code review, and targeted testing, with a focus on pragmatic, partner-friendly guidancePartner with detection & response, SRE, and other security teams to provide product and cloud context during incidents, threat hunts, and cloud posture investigationsMentor and level up others, contributing to documentation, internal talks, and training that improve Atlas and cloud security practices across MongoDBServe as a visible security leader and trusted partner for Atlas engineering and SRE leadership on cloud security trade-offs and roadmap decisionsNice to HavesPrior experience as a security lead for a multi-tenant SaaS or cloud platform, particularly in data, database, or infrastructure-as-a-service domainsDirect experience with Atlas-like environments: control planes managing resources across multiple cloud providers, with strong isolation and blast-radius containment requirementsExperience driving improvements in CSPM, vulnerability management, and IaC scanning signal quality and developer adoption at scalePublic contributions to the security community (talks, tools, standards, or publications) in cloud, product, or application securityExperience mentoring other senior/staff engineers, or serving as a bar-raiser in interviews for product/cloud security rolesAbout MongoDBMongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB.To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.Req. ID: 1273392039MongoDB’s base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location. Salary is one part of MongoDB’s total compensation and benefits package. Other benefits for eligible employees may include: equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings. Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates.MongoDB’s base salary range for this role in the U.S. is:$126,000—$248,000 USD