Program Manager, Commercial Compliance at Mongodb

Description: The Compliance team at MongoDB manages the strategy, execution, and maintenance of our global security certifications and regulatory requirements. We ensure that our cloud database products meet the rigorous security standards required by our customers in the most highly regulated industries worldwide. We act as the primary interface between external auditors and our internal Product, Engineering, and Legal teams. Our goal is to translate complex regulatory requirements into scalable operational processes, maintaining a compliant and audit-ready posture across our diverse portfolio. The Program Manager / Senior Analyst is a mid-to-senior level individual contributor role responsible for leading high-stakes audits and specialized compliance workstreams. Unlike the Analyst level, this role takes full ownership of complex international frameworks—such as IRAP and ENS High—and manages the relationship with our Financial Services customers during audit deep-dives. You will lead internal audit cadences and perform gap analyses for new market expansions. Responsibilities: • Lead the end-to-end execution of specialized external audits (e.g., ENS High, IRAP, ISO 22301) and coordinate all phases from initial scoping to final certification • Serve as the lead point of contact for Financial Services customer audits, facilitating meetings, responding to security questionnaires, and defending our control environment to external stakeholders • Lead internal audit cadences and drive the POA&M tracking process, ensuring technical teams remediate findings within required SLAs • Map new regulatory requirements to our central control framework, performing gap analyses to identify where existing controls can be leveraged for new certifications • Conduct NIST CSF or similar maturity assessments to monitor the effectiveness of the Compliance Program and report findings to team leads • Author and review customer-facing security documentation, ensuring it accurately reflects our technical controls and architectural guardrails • Partner with Engineering and Product leads to implement compliance-by-design, ensuring future product roadmaps align with global regulatory shifts Requirements: • 7+ years in GRC, Information Security, or IT Audit, specifically within a high-growth SaaS/Cloud environment • Deep understanding of cloud security principles (AWS/GCP/Azure) and a proven track record leading technical audits for ISO 27001, SOC 2, or ENS High • Solid grasp of audit processes, terminology, and risk assessment standards. Certifications such as CISA, CRISC, CISSP, or ISO Lead Implementer are highly preferred • Exceptional ability to lead meetings with external customers and auditors, translating technical complexities into business risk and compliance assurance • Advanced proficiency in Jira for tracking control performance data and managing high-volume remediation workflows • Practical experience performing gap analyses and maturity assessments at an enterprise level Responsibilities & Expectations • You are expected to be a subject matter expert who can operate with minimal supervision • You don't just track tasks; you own the success of the program • You are expected to navigate complex audit negotiations with external parties and drive internal technical teams toward compliance milestones without disrupting innovation Scope & Complexity • The scope is international and technically diverse. You will manage overlapping audit cycles across different global jurisdictions (e.g., Spain, Australia, US) and complex industry sectors • You are responsible for identifying how a single technical control can satisfy multiple global regulatory requirements simultaneously Authority & Impact • You have the authority to lead audit engagements and represent MongoDB’s security posture to sophisticated Financial Services customers • Your impact is direct: by securing and maintaining these certifications, you enable our sales organization to close enterprise-level deals in highly regulated markets Expertise • You will be recognized as an expert in implementing our Common Controls Framework • You move beyond general compliance to become a specialist in how MongoDB’s architecture satisfies specific, high-bar standards like IRAP and ENS High. You are the go-to for mapping technical evidence to regulatory intent Leadership • Leadership in this role is demonstrated through influence and mentorship. While you may not have direct reports, you lead cross-functional project teams through intense audit cycles and mentor junior analysts on audit methodology, documentation standards, and professional communication About MongoDB MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure. With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software. Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB. To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world! MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter. MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. REQ ID: 1273402295 MongoDB’s base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location. Salary is one part of MongoDB’s total compensation and benefits package. Other benefits for eligible employees may include: equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings. Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates. MongoDB’s base salary range for this role in the U.S. is:$85,000—$167,000 USD