Senior IAM & Security Engineer

MongoDB’s mission is to empower innovators to create, transform, and disrupt industries by unleashing the power of software and data. We enable organizations of all sizes to easily build, scale, and run modern applications by helping them modernize legacy workloads, embrace innovation, and unleash AI. Our industry-leading developer data platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available in more than 115 regions across AWS, Google Cloud, and Microsoft Azure. Atlas allows customers to build and run applications anywhere—on premises, or across cloud providers. With offices worldwide and over 175,000 new developers signing up to use MongoDB every month, it’s no wonder that leading organizations, like Samsung and Toyota, trust MongoDB to build next-generation, AI-powered applications.

We are seeking a highly experienced Senior IAM & Security Engineer with deep expertise in IAM, cloud security, automation, and endpoint security. In this role, you will lead the design, implementation, and ongoing management of complex security solutions at scale while partnering closely with cross-functional teams to strengthen our security posture and streamline secure access across our global environment.

We are looking to speak to candidates who are based in Sydney for our hybrid working model.

• Lead administration and enhancement of IAM platforms, including Okta, AWS, GCP, and Azure IAM, ensuring secure, least-privilege, and scalable access models
• Architect and implement SSO (SAML, OIDC, OAuth2), signals sharing and global token revocation alongside building policies to strengthen authentication and user verification
• Develop, optimize, and enforce role-based access control (RBAC) models and identity governance workflows to improve access security and audit readiness
• Automate complex identity lifecycle processes (provisioning, deprovisioning, just-in-time access) leveraging Terraform/OpenTofu and Python at scale
• Define and enforce security controls for GitHub repository management, ensuring secure and compliant CI/CD pipeline access

• Lead security design and enforcement across multi-cloud environments (AWS, GCP, Azure) focusing on IAM policies, resource permissions, and access control best practices
• Build and maintain automated security configurations and policy enforcement using Terraform/OpenTofu, CloudFormation, and Python scripting
• Conduct comprehensive cloud security assessments, identifying misconfigurations, excessive privileges, and areas of risk
• Support and enhance network security solutions, including Cloudflare WARP, VDI access controls, and next-gen VPN alternatives

• Manage and improve MDM platforms (JAMF, Workspace ONE, Kolide) and implement advanced device trust policies for macOS, Windows, and Linux endpoints
• Automate continuous compliance monitoring and enforce security baselines for corporate and BYOD devices across the organization
• Lead deployment and evolution of Zero Trust security frameworks integrating device posture signals into IAM policies and access decisions

• Develop, maintain, and optimize security automation workflows using Tines, Python, and PowerShell to reduce manual effort and improve incident response
• Support Splunk SIEM platform administration including log analysis, alert tuning, and building automated incident workflows
• Monitor, investigate, and respond to IAM and cloud security incidents; lead root cause analysis and drive remediation efforts
  

• 5+ years of hands-on experience in IAM, Cloud Security, or Security Engineering roles with increasing responsibility
• Deep expertise with IAM solutions such as Okta, AWS IAM, GCP IAM, Azure AD, and identity federation technologies
• Strong knowledge of authentication protocols and standards including OAuth2, OIDC, SAML, and MFA best practices
• Proven experience with Infrastructure as Code (Terraform/OpenTofu, CloudFormation) and security automation, preferably Tines, at scale
• Proficiency in scripting languages such as Python, Bash, or PowerShell to build and maintain automation tooling
• Experience managing MDM solutions and designing device security and compliance policies
• Familiarity with SIEM tools (Splunk preferred), endpoint monitoring, and security alerting platforms

• AWS Certified Security Specialty
• Okta Certified Administrator/Consultant
• CISSP or equivalent advanced security certification

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB is an equal opportunities employer.

Req ID - 2263186526