Senior IAM & Security Engineer

At least 5 years of experience in Identity & Access Management, Security Engineering, or Cloud Security roles with increasing responsibility

Demonstrated experience working in or supporting FedRAMP High or Moderate environments, or equivalent U.S. public-sector frameworks (e.g., FISMA, StateRAMP), including control implementation, continuous monitoring, and audit support (e.g., NIST 800‑53, Authority to Operate (ATO) and ATO‑ready processes, and Plan of Action and Milestones (POA&M))

Subject matter expertise in securing workforce identity and access at scale in an enterprise environment using platforms such as Okta, AWS IAM, GCP IAM, and Azure AD

Strong understanding of authentication and authorization in modern environments, including OAuth2, OIDC, SAML, MFA, and phishing-resistant authentication methods

Deep experience designing and operating RBAC models, access patterns, and identity governance workflows, including identity lifecycle (provisioning, deprovisioning, access reviews, and just‑in‑time access)

Experience securing non-human identities (e.g., service accounts, workloads, automation identities, and agentic AI systems), including lifecycle management, secret/key management, and least‑privilege access design

Lead the administration and enhancement of IAM platforms, including Okta, AWS IAM, GCP IAM, and Azure AD, ensuring secure, least-privilege, and scalable access models for both human and non-human identities (service accounts, workloads, automation and agentic AI systems) across our workforce and cloud environments

Architect and implement SSO and authentication solutions (SAML, OIDC, OAuth2, MFA), including signals sharing and global token revocation, to strengthen user and workload verification and session security

Design, implement, and continuously improve RBAC, access models, and identity governance workflows, ensuring strong access hygiene, clear separation of duties, and audit readiness

Define and standardize patterns for non-human identity lifecycle and access (e.g., cloud workloads, automation tools, agentic AI systems), ensuring consistent, least‑privilege access across environments

Automate complex identity lifecycle processes (provisioning, deprovisioning, access changes, and just‑in‑time access) using Terraform/OpenTofu, CloudFormation, Python, and Tines, reducing manual effort and error rates

Secure multi-cloud environments (AWS, GCP, Azure) from an identity and access perspective, focusing on IAM policies, resource permissions, preventative controls, and alignment with our enterprise cloud strategy

MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.

With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.

Our compass at MongoDB is our

Leadership Commitment,

guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB.

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone.