Staff Product Security Engineer, Cloud Security

MongoDB is seeking a Staff Product Security Engineer to lead cloud security initiatives for MongoDB Atlas and the cloud platforms that power it across AWS, GCP, and Azure. You’ll be a senior individual contributor in the MongoDB Product Security organization, a diverse team responsible for the security of all customer‑facing products, including Atlas, self‑managed/server, and a broad ecosystem of related services and tools. Within Product Security, the Cloud Security team focuses specifically on Atlas control plane and data plane environments and the underlying cloud platforms, partnering closely with Atlas engineering, SRE, other security engineering teams, and global security operations to build and defend secure‑by‑default, large‑scale, multi‑tenant cloud services. We are looking to speak to candidates who are based in New York City. Requirements ~10+ years of experience in application, product, and/or cloud security for large-scale, customer-facing systems Deep hands-on expertise with cloud security architecture across AWS, GCP, and Azure, with experience across: VPC/networking (segmentation, egress controls, private connectivity) IAM (roles, policies, workload identity, cross-account access) Keys and secrets (KMS, HSMs, secret management systems) Container/orchestration security (e.g., Kubernetes, ECS, serverless) Multi-tenant control planes and blast-radius reduction patterns Strong track record leading complex security programs from definition through rollout and measurable impact Ability to read and reason about code in languages like Go and Java or similar, and familiarity with IaC (e.g., Terraform/CloudFormation), CI/CD, and security automation tooling Experience assessing and securing modern AI and ML-powered features in cloud environments, including data protection, model and prompt abuse, and responsible use of third-party AI services Excellent written and verbal communication skills; you can explain complex risks and trade-offs to technical and non-technical audiences and influence without direct authority In this role you will… In this Staff Product Security Engineer role, you will: Own and lead Atlas cloud security initiatives such as control plane hardening, cloud security baselines, IAM and customer account protection, and data-plane protections for multi-tenant environments Translate risk and product roadmap goals into measurable workstreams , defining problem statements, requirements, success metrics, and delivery plans that align with Atlas engineering and SRE priorities Design and review large-scale cloud architectures , including networking, identity, secrets management, and service-to-service access, and define secure reference architectures that can be reused across Atlas teams Embed security into platforms and guardrails by partnering with security engineering and platform teams to implement policies and automation that make secure-by-default behavior the easiest path for developers Leverage CSPM, infrastructure vulnerability data, and IaC scanning to drive concrete, prioritized hardening work in Atlas environments, with clear coverage and posture metrics Lead assessments for Atlas features and platform changes , including design reviews, threat modeling, code review, and targeted testing, with a focus on pragmatic, partner-friendly guidance Partner with detection response, SRE, and other security teams to provide product and cloud context during incidents, threat hunts, and cloud posture investigations Mentor and level up others , contributing to documentation, internal talks, and training that improve Atlas and cloud security practices across MongoDB Serve as a visible security leader and trusted partner for Atlas engineering and SRE leadership on cloud security trade-offs and roadmap decisions Nice to Haves Prior experience as a security lead for a multi-tenant SaaS or cloud platform , particularly in data, database, or infrastructure-as-a-service domains Direct e ... (truncated, view full listing at source)