The worldwide data management software market is massive (According to IDC, the worldwide database software market, which it refers to as the database management systems software market, was forecasted to be approximately $82 billion in 2023 growing to approximately $137 billion in 2027. This represents a 14% compound annual growth rate). At MongoDB we are transforming industries and empowering developers to build amazing apps that people use every day. We are the leading developer data platform and the first database provider to IPO in over 20 years. Join our team and be at the forefront of innovation and creativity.The MongoDB security team is looking for a Program Manager, Governance Risk and Compliance. This role will be responsible for analyzing, documenting and monitoring risk and compliance posture across our existing program.This role can be fully remote in Spain, or based out of our Barcelona or Madrid offices with flexible in-office options.MongoDB aligns its practices to multiple compliance frameworks in order to support our customer's needs. The Program Manager, Governance Risk and Compliance role will provide support for MongoDB's information security compliance team by leading third party audits, creating and maintaining comprehensive compliance documentation, arranging meetings, liaising with internal stakeholders to communicate compliance requirements and gather feedback, preparing data for further analysis and reporting, tracking meeting minutes and actions and providing general administrative support to enable continuous growth of the Governance, Risk and Compliance Program.The ideal Program Manager, Governance Risk and Compliance candidate should have a good grasp on information security concepts that are relevant to cloud environments, demonstrated experience with documents and data handling, proven general administration, be familiar with change management enabling organizations to improve and/or establish efficient and effective processes and drive forward change. Familiarity with compliance programs or technical audits in Information Security related frameworks (i.e. ISO 27001, PCI DSS, etc.) is a mandatory.This role will support building out an internal compliance program and help scale MongoDB Inc. to support our customer's needs. MongoDB is a breakthrough company that is disrupting a $40B market. We're looking for someone who is excited to take initiative and eager to learn.We are looking to speak to candidates who are based in Barcelona for our hybrid working model.ResponsibilitiesSupport the adoption of a central control framework that translates to our environmentSupport the centralization of compliance data (evidence, processes, policies, etc.) to help compliance teams improve their audit response time and create consistent responses across the teamExecute processes that manage high volumes of control performance data and report on them in an effective and accurate mannerCollaborate with compliance team leads on executing roadmaps for future GRC programsComplete the initial gap assessment for compliance scope additions to understand overlap with existing framework and communicate requirements and estimated workloads to compliance leadsSupport operational activities such as control performance assessment via NIST CSF Maturity assessment and monitoring of effectiveness of the GRC ProgramsSupport the GRC functions to help drive through ad-hoc deliverables as requiredDevelop, review, and update documentation for MongoDB's cloud customersAssist in building dashboards and presentations for various audiences (executive, business unit, ops, etc.)Support assessment activities as required to maintain compliance or evaluate the system by third party auditorsWork within ticketing flows to ensure various projects remain on targetInterface with and lead projects involving external auditors related to scheduling, drafting relevant communications and communicating metricsHelp schedule and track gaps and remediations related to periodic internal auditsTrack internal Governance, Risk and Compliance actions, as well as present team roadmaps and timelinesHelp track schedules and identify any obstacles that may impact milestones and key delivery datesArrange meetingsDraft meeting agendas based on meeting's goalsDraft presentations and communications around compliance program metricsTake meeting minutes and actions and follow up on their completionQualificationsBachelor's degree or equivalent practical experienceWorking knowledge of cloud controls and environmentsExperience with cloud security and major compliance standards such as ISO 27001, SOC 2, PCI, NIST CSFExperience with internal governance, risk, and compliance functionsExperience with policies, procedures, and governance frameworks in a highly regulated industryPractical experience performing gap analysis, maturity assessments, and risk assessmentsExperience managing projects or workstreams at the enterprise levelExperience implementing compliance technology and associated toolsAbility to engage organizational levels simultaneously, leading to solutions/sustainable programsKnowledge of compliance and regulatory processes, including aligning policies to regulatory and business requirementsExcellent attention to detail and organizational skillsPractical understanding of cloud security compliance, risk management and information security principlesStrong presentation building and communication skillsStrong analytical, diagnostic, and critical thinking skillsExcellent verbal, written and interpersonal communication skills with both technical and non-technical audiencesPreferred QualificationsExperience with obtaining the Esquema Nacional de Seguridad (ENS) certification, ISO 20000, or ISO 22301Experience working with JiraProject management experience including:process, metrics and dashboard reportingdrafting communicationsdrafting meeting minutesrollout of information security training and awareness programproject management support and reportingA good understanding of audit process, methodology, standards and terminology -- CISSP, CISA, CISM, CRISC, ISO 27001 Lead Auditor or Implementor certifications welcome but not requiredThe ability to work in a fast-paced tech environment, managing multiple large scale projects simultaneouslyA good understanding of Cloud Environments, Linux and Windows systemsTo drive the personal growth and business impact of our employees, we're committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees' wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it's like to work at MongoDB, and help us make an impact on the world!MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.MongoDB is an equal opportunities employer.#J-18808-Ljbffr
