Staff Software Engineer, Server Security

MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data. We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI. Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure. Atlas allows customers to build and run applications anywhere—on premises, or across cloud providers. With offices worldwide and over 175,000 new developers signing up to use MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications. MongoDB is seeking highly technical candidates for a role on the Server Security team as a Staff Software Engineer. Server Security is a development focused group within the engineering organization. The Server Security team builds features in the core MongoDB Server that enable database users to secure their data, such as TLS and X.509 certificate management, at-rest data encryption, authentication and authorization systems, and the new Queryable Encryption offering. Our team operates close to the bottom of the stack, and has a lot of influence over the safety and robustness of our open source database and a growing ecosystem of cloud services and client applications. In this role, you'll be a leader in continually improving our security posture by owning features and tools that support this mission. In addition, you'll have the opportunity to lead security investigations into some of the most challenging and complex areas of our codebase, collaborating with software engineers across the organization. An ideal candidate has experience writing secure, high quality application code, can communicate complex technical concepts well, and has great diagnostic intuition as it applies to security in complex distributed architectures. This role can be based out of the New York Office or remote, working East Coast hours. What you’ll do Design and lead complex projects to improve our security posture Implement, test, and support new features related to cryptography, security engineering, and compliance assurance, in a large feature-rich C++ codebase Assist fellow engineers in, and be an advocate for, writing secure, well-reasoned and high-quality features Collaborate with other teams in engineering, cloud services, support, consulting, training, and marketing to coordinate feature rollouts and changes Ideally, you will have 10+ years of experience in software development, with a focus on security Ability to diagnose thorny technical issues central to databases: distributed systems, data replication, query optimization, data storage, OS internals, concurrency and scheduling, networking, etc Expertise in common network security protocols, fundamental cryptographic principles, and related technologies: e.g., TLS, Private/Public Key Cryptography, PKI, Hashing, CRLs, token-based auth, etc Experience supporting production environments, and/or working directly with end-users to investigate and diagnose highly technical security issues Ability to: Read and understand the intent of code and stack traces in many languages, especially C++ Stand for code quality and software design best practices Quickly grok and clearly synthesize implications of system behavior Excellent communication skills (both written and verbal) as you will be working with users from all over the world with very diverse backgrounds, as well as with a highly technical engineering team Success Measures In 1 week: You have completed your first Pull Request In 3 Months: You demonstrate a thorough understanding of our existing architecture You are a productive contributor to select components of the Server Security codebase You are identifying opportunities for improvement of security and/or code quality within the codebase You are providing security-focused reviews of pull requests and design proposals from other MongoDB server engineers In 6 Months: You have made a substantial new addition to the security codebase You play an active role in defining and driving the short and long term roadmap of our product You mentor other members of the team on secure concepts and code quality You are acting as a representative of the team in inter-team discussions You can speak to holistic strengths and weaknesses in product capabilities You can lead the response to some escalations from our experienced Technical Services Team In 12 Months: You are running a large project to improve our security offerings You demonstrate a deep understanding of one or more Server Security components You are a deeply respected mentor for our team and all surrounding teams and advocate for and on behalf of the Server Security team To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB , and help us make an impact on the world MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter. MongoDB is an equal opportunities employer. #J-18808-Ljbffr