Program Manager

Description: The Assurance, Risk, and Compliance (“ARC”) Initiatives team at MongoDB owns the strategy, governance, and delivery of our most critical cross-functional risk and compliance initiatives. We design and execute programs that support compliance audits, risk assessments, employee awareness and enablement, and the implementation of common control frameworks, along with consistent operating cadences that align key stakeholders, accelerate decision making, and drive the execution of initiatives that reinforce MongoDB’s assurance, risk management, and compliance objectives. We define and track key metrics and deliver clear and timely, executive reporting to provide transparency, measure progress, and ensure lasting operational resilience and governance. We serve as the central coordination point for ARC-wide initiatives, connecting Product, Engineering, Security, and Legal teams around clear priorities, milestones, and outcomes. Our focus is on building scalable governance structures, defining decision-making frameworks, and establishing repeatable ways of working so that complex efforts can be executed consistently across the team. The Policy Program Manager is a mid-to-senior level individual contributor role responsible for leading the development and operationalization of policies and procedures aligned to established control frameworks. You will drive end-to-end ownership of policy lifecycle management, from drafting and review through implementation and ongoing maintenance, while coordinating inputs across teams to ensure accuracy, consistency, and adoption. Additionally, you will lead documentation standardization efforts, facilitate stakeholder reviews, and perform gap analyses to continuously strengthen and mature our ARC policy framework. Responsibilities: Lead the end-to-end execution of company-wide compliance programs, including the annual security policy and procedure review cycle Design and implement scalable frameworks for policy lifecycle management (creation, review, approval, publication, and retirement) Establish standards, templates, and governance processes to ensure consistency and clarity across all compliance documentation Maintain a centralized, audit-ready repository for policies, procedures, and supporting artifacts Act as the primary point of contact for cross-functional teams (HR, Legal, Engineering, Product) Drive alignment, gather inputs, and ensure timely completion of policy updates and compliance deliverables Ensure policies and procedures align with regulatory, security, and internal control requirements Support internal and external audits by maintaining complete, accurate, and accessible documentation Translate audit findings and regulatory changes into actionable policy program updates Maintain the integrity of project-specific Jira boards and Confluence pages. Ensure all project artifacts are organized, up-to-date, and ready for leadership review or external audit Develop and maintain dashboards to report on program health, completion rates, and obstacles. Present status updates and metrics to leadership Evaluate existing program workflows and implement improvements to increase efficiency, reduce manual effort, and improve the stakeholder experience Requirements: 5-8 years of program management experience, ideally within an Information Security or high-growth technology environment Experience creating and managing policy and procedure programs or governance frameworks Deep understanding of security and compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA, NIST CSF) Strong proficiency in managing full-lifecycle projects, including scoping, planning, risk mitigation, and change control Advanced experience with Jira and Confluence, including the ability to build custom dashboards and manage complex documentation repositories Maintain and support a GRC/policy management platform to ensure consistent policy administration and system usability Excellent in ... (truncated, view full listing at source)