Senior Application Security Engineer at Mongodb

Who We Are MongoDB’s Enterprise Security team owns the company’s Information Security program, helping reduce risk across our systems, workforce, and cloud products while building trust with our customers. We partner closely with internal teams and support external-facing services to ensure security is embedded into how we design, build, and operate software at scale. We’re hiring a Senior Application Security Engineer to help secure internally developed applications and SaaS integrations across MongoDB. This role offers hands-on exposure to modern application architectures alongside the opportunity to shape and mature application security practices company-wide. This role can be based in our New York City office or remotely within the United States. What You’ll Do As a Senior Application Security Engineer, you’ll play a critical role in advancing MongoDB’s Information Security program at a company disrupting an $80B market. You’ll help secure the applications and integrations that power our internal operations and cloud offerings, working closely with engineering, product, and infrastructure teams to embed security throughout the software development lifecycle. You’ll assess the security of new and existing applications through secure code reviews, penetration testing, and architecture reviews, identifying risk across SaaS-to-SaaS and SaaS-to-internal integrations. You’ll support application asset inventory and vulnerability management efforts, develop automation to improve security testing and operational efficiency, and apply threat modeling to recommend mitigations aligned with business risk. In addition, you’ll collaborate with teams to design secure, scalable solutions, clearly communicate findings to both technical and non-technical stakeholders, and help evolve application security standards, processes, and documentation; enabling MongoDB to move quickly while maintaining a strong security posture. What We’re Looking For We’re seeking a senior-level security engineer with strong technical depth, sound judgment, and the ability to influence secure design and development practices across the organization. You should be comfortable operating across the full SDLC, collaborating cross-functionally, and balancing hands-on execution with strategic thinking. Required Qualifications • 4+ years of hands-on experience in at least two of the following: application penetration testing, secure code review, or cloud security • 1+ year of software development experience using languages such as Python, TypeScript, JavaScript, or Go • Solid understanding of application security and security engineering fundamentals, including system and network security, authentication and security protocols, and cryptography • Experience performing application architecture reviews and identifying design-level security risks • Hands-on experience with vulnerability management tools and processes, including remediation tracking • Ability to build scripts or automation to support security initiatives • Experience with threat modeling and presenting findings and recommendations to senior stakeholders • Familiarity with cloud platforms and SaaS technologies (e.g., AWS, GCP, Google Workspace) • Working knowledge of security standards and compliance frameworks such as SOC 2, HIPAA, or FedRAMP • Strong written and verbal communication skills, with the ability to tailor messaging for technical and non-technical audiences • Relevant security certifications (e.g., OSCP, OSCE, OSEP, OSWE, OSEE, CCSAS, CCT INF, CWES, CWEE, or equivalent SANS certifications) What Success Looks Like You’ll be successful in this role if you consistently demonstrate: • Collaboration: Partner effectively with engineers and stakeholders to secure applications and services • Execution & Prioritization: Manage multiple initiatives using a risk-based approach • Communication: Clearly articulate security risks, trade-offs, and recommendations • Curiosity & Learning: Stay current on emerging threats, tools, and techniques • Problem Solving: Develop practical, scalable solutions to complex security challenges About MongoDB MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform—the most widely available, globally distributed database on the market—helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure. With offices worldwide and nearly 60,000 customers—including 75% of the Fortune 100 and AI-native startups—relying on MongoDB for their most important applications, we’re powering the next era of software. Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB. To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world! MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter. MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Req ID: 4263323551 MongoDB’s base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location. Salary is one part of MongoDB’s total compensation and benefits package. Other benefits for eligible employees may include: equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings. Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates. MongoDB’s base salary range for this role in the U.S. is:$118,000—$231,000 USD