• The ideal candidate will have over two years of experience in software development at least one year of experience in Information/Cyber Security AND the ability to develop production standard software to create innovative applications to address security gaps
• Candidates for this role should have strong software development experience and a deep understanding of programming languages and software development best practices
• The ideal candidate will possess hands-on experience working with frontend frameworks such as React, Angular, or Vue.js
• Additionally, we're looking for individuals with a background in pen testing or security reviews, and a solid awareness of various approaches to application security
• Previous experience in implementing secure coding practices and identifying potential vulnerabilities in web applications is highly desirable
• We are looking for someone who is proactive in presenting ideas and has demonstrated problem-solving skills
• Additionally, this role requires a strong ability to multitask and solid communication skills
• 2+ years of software development experience with at least one programming language such as Python, JavaScript, Go, Ruby, Java, C# or C/C++
• Previous experience working with frontend frameworks such as React or Angular
• Minimum 1 year of hands-on experience in cyber security
• Demonstrated success in completing development projects in previous roles
• Ability to develop applications from scratch using React / Node JS / Typescript / Python
• Intermediate knowledge of application security, security engineering, system and network security, authentication and security protocols, or cryptography
• Have Offensive security certifications, including OSCP, OSCE, OSEP, OSEE, CCSAS, CCT INF or relevant SANS courses
• Demonstrated success completing complex projects in previous roles
• Be familiar with Cloud (Paas or SaaS) technologies (like AWS, GCP, GSuite)
• Strong experience with application architecture reviews
• Experience with vulnerability management tools and processes
• Demonstrated ability to create scripts and automated processes
• Have a background in threat modeling and advocating for technical changes to exceed customer expectations, including delivering reports to upper management
• Excellent written and verbal communication skills with the ability to adapt messaging to technical and non-technical audiences at all levels, including senior leadership
• Understand different Information Security standards and reports (e.g. SOC2, HIPAA, Fedramp)
• Experience working with technical teams on finding elegant solutions to complex problems managing them to resolution and release
• Understanding of networking protocols

Desirable

• MongoDB is seeking a passionate Application Developer to help expand MongoDB’s Information Security Program, specifically focusing on developing Application Security systems
• The MongoDB Security Team is responsible for MongoDB Inc.'s Information Security Program
• It helps reduce risk in our systems and company and establish trust in our product offerings and cloud services
• Our customers are both internal MongoDB employees and external customers
• This is an exciting chance to join a dynamic and innovative team with many opportunities to grow. MongoDB prides itself on offering careers rather than jobs
• MongoDB is looking for an experienced professional to join our security team, emphasizing a strong background in software development
• This role's primary focus is internal tool development
• You will be responsible for designing, developing, and implementing software solutions to address a variety of information security challenges
• Your primary objective will be to code and create robust and efficient tools that aid in the protection of our company's digital assets
• The secondary focus will be making our applications more secure, e.g. , by helping application owners understand full application release lifecycles, penetration testing, assistance with code reviews, and more
• This role is technical, focusing mainly on development work, but will also present an opportunity to improve company-wide processes focusing on application security
• Develop and maintain custom InfoSec tools and systems, including, but not limited to, tools focused on automation and asset inventory automation
• Continuously assess and improve existing internal tools for performance, scalability, and security, emphasizing enhancing automation capabilities and maintaining an accurate asset inventory
• Cross-collaborate with other team members to understand security needs and translate them into functional software solutions
• Rapidly understand and assess new technologies
• Participate in code reviews, contribute to best practices, and maintain documentation related to developing and deploying InfoSec tools
• The ability to work with geographically distributed teams and multitasking are essential
• Communicate security threats, assessments and risks, as well as make recommendations
• Educate Engineers and Product teams on the importance of Application Security and Vulnerability Management
• Ability to quickly learn new systems and architectures
• Willingness to learn new technologies and adapt to a modern, fast-paced organization
• Work cross-functionally with multiple teams to improve existing processes and establish new ones
• Ability to create documentation when needed and defend and execute on findings
• This is an important role in helping mature the capabilities of the Information Security Program for a breakthrough company disrupting a $80B market
• This position has significant growth potential, and we’re seeking someone excited to take the initiative and help secure our company
• This position will report directly to the Manager of Application Security (EMEA-based)