The MongoDB Compliance team manages the strategy, execution, and maintenance of our global security certifications and regulatory requirements. We ensure that our cloud database products meet the rigorous security standards required by our customers in the most highly regulated industries worldwide.
We act as the primary interface between external auditors and our internal Product, Engineering, and Legal teams. Our goal is to translate complex regulatory requirements into scalable operational processes, maintaining a compliant and audit-ready posture across our diverse portfolio.
The Commercial Compliance Program Manager role is an individual contributor role responsible for leading high-stakes audits and specialized compliance workstreams. This role owns the lifecycle of complex frameworks like IRAP, ENS High, PCI, SOC2 and ISO 22301, and manages the relationship with our Financial Services customers during audit deep-dives. You will lead internal audit cadences and perform gap analyses for new market expansions.
You are more than a task-tracker; you own the program's success. By mapping technical evidence to regulatory intent across global jurisdictions (Spain, Australia, US, etc.), you directly enable the sales organization to close enterprise-level deals and expand MongoDB’s global footprint.
Key Responsibilities:- Lead Global Audits: Manage end-to-end execution of external certifications (PCI, SOC2, ENS High, IRAP, ISO) from scoping to final issuance
- Financial Services Lead: Act as the primary point of contact for customer audits, defending our control environment and responding to deep-dive security inquiries
- Operational Oversight: Drive internal audit cadences and the POA&M process, ensuring technical teams remediate findings within SLAs
- Compliance-by-Design: Partner with Engineering/Product to map new regulatory requirements to our central framework and guide product roadmaps
- Gap Analysis & Maturity: Perform NIST CSF maturity assessments and identify how single controls can satisfy multiple global jurisdictions
- Technical Documentation: Author and review customer-facing security collateral that accurately reflects our architectural guardrails
- 7+ years in GRC, InfoSec, or IT Audit within a high-growth SaaS/Cloud environment
- Proven track record leading technical audits for ISO 27001, SOC 2, or PCI
- Strong understanding of security principles within AWS, GCP, or Azure
- Exceptional ability to translate technical complexities into compliance assurance for external auditors and enterprise customers
- Advanced proficiency in Jira for managing high-volume remediation workflows and control data
- Preferred: Professional certifications such as CISA, CRISC, CISSP, or ISO Lead Implementer
MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.
With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.
Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB.
To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!
MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.
MongoDB, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
REQ ID: 1273402295
MongoDB’s base salary range for this role is posted below. Compensation at the time of offer is unique to each candidate and based on a variety of factors such as skill set, experience, qualifications, and work location. Salary is one part of MongoDB’s total compensation and benefits package. Other benefits for eligible employees may include: equity, participation in the employee stock purchase program, flexible paid time off, 20 weeks fully-paid gender-neutral parental leave, fertility and adoption assistance, 401(k) plan, mental health counseling, access to transgender-inclusive health insurance coverage, and health benefits offerings. Please note, the base salary range listed below and the benefits in this paragraph are only applicable to U.S.-based candidates.
Skills Required
- 7+ years in GRC, Information Security, or IT Audit within a high-growth SaaS/Cloud environment
- Deep understanding of cloud security principles (AWS/GCP/Azure)
- Proven track record leading technical audits for ISO 27001, SOC 2, or ENS High
- Certifications such as CISA, CRISC, CISSP, or ISO Lead Implementer are highly preferred
- Advanced proficiency in Jira for tracking control performance data
- Practical experience performing gap analyses and maturity assessments at an enterprise level
What the Team is Saying
MongoDB Compensation & Benefits Highlights
-
Parental & Family Support — Paid parental leave up to 20 weeks, backup childcare days, and global fertility/adoption support are emphasized as generous and inclusive. Family-forming programs through dedicated partners and structured return-to-work flexibility further strengthen this pillar.
-
Healthcare Strength — Comprehensive medical, dental, and vision coverage is paired with extras like free primary-care memberships, mental-health resources, and care navigation. Added coverage for gender affirmation and menopause/low-testosterone needs underscores depth in clinical and holistic support.
-
Wellbeing & Lifestyle Benefits — Wellbeing programs, meditation and mindfulness tools, and fitness partnerships are highlighted alongside in-office lunches on hub days. These everyday perks complement core coverage and support sustained work-life balance.
MongoDB Insights
What We Do
The database market is big. How big? Well, according to IDC, it’ll reach $153 billion by 2027. And MongoDB is at the forefront of that innovation with thousands of customers across the globe. We empower developers and businesses to build and deploy the applications they want, wherever they want.
Why Work With Us
We are ambitious. We are passionate about creativity. And we believe the best paths are the ones we have yet to forge.
Gallery
MongoDB Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
MongoDB provides multiple working model options for our employees, including the flexibility to work from home to opportunities for collaboration and social interaction in a MongoDB office.
