Senior Application Security Engineer

We’re seeking a senior-level security engineer with strong technical depth, sound judgment, and the ability to influence secure design and development practices across the organization. You should be comfortable operating across the full SDLC, collaborating cross-functionally, and balancing hands-on execution with strategic thinking.

4+ years of hands-on experience in at least two of the following: application penetration testing, secure code review, or cloud security

1+ year of software development experience using languages such as Python, TypeScript, JavaScript, or Go

Solid understanding of application security and security engineering fundamentals, including system and network security, authentication and security protocols, and cryptography

Experience performing application architecture reviews and identifying design-level security risks

As a Senior Application Security Engineer, you’ll play a critical role in advancing MongoDB’s Information Security program at a company disrupting an $80B market. You’ll help secure the applications and integrations that power our internal operations and cloud offerings, working closely with engineering, product, and infrastructure teams to embed security throughout the software development lifecycle.

You’ll assess the security of new and existing applications through secure code reviews, penetration testing, and architecture reviews, identifying risk across SaaS-to-SaaS and SaaS-to-internal integrations. You’ll support application asset inventory and vulnerability management efforts, develop automation to improve security testing and operational efficiency, and apply threat modeling to recommend mitigations aligned with business risk.

In addition, you’ll collaborate with teams to design secure, scalable solutions, clearly communicate findings to both technical and non-technical stakeholders, and help evolve application security standards, processes, and documentation; enabling MongoDB to move quickly while maintaining a strong security posture.

MongoDB’s Enterprise Security team owns the company’s Information Security program, helping reduce risk across our systems, workforce, and cloud products while building trust with our customers. We partner closely with internal teams and support external-facing services to ensure security is embedded into how we design, build, and operate software at scale.

We’re hiring a Senior Application Security Engineer to help secure internally developed applications and SaaS integrations across MongoDB. This role offers hands-on exposure to modern application architectures alongside the opportunity to shape and mature application security practices company-wide.

This role can be based in our New York City office or remotely within the United States.

MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform—the most widely available, globally distributed database on the market—helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.

With offices worldwide and nearly 60,000 customers—including 75% of the Fortune 100 and AI-native startups—relying on MongoDB for their most important applications, we’re powering the next era of software.