Zorky CRMZorky CRM
EN|RU
@ekaterinovikova
All jobs

Senior IRM Analyst

seniorUnited StatesScore undefined/1002w ago
Market insights
📊 Backend: salaries and demand on the market
Stack
gomongodb
Apply
Upload your CV — we will connect you with the employer directly through our pool.
Send your CV →
Description
The Information Security Risk Team at MongoDB is the operational engine of the internal and third-party risk programs. Situated within the Assurance, Risk, and Compliance (ARC) organization, the team is responsible for the "Reduction of Uncertainty" across the enterprise. We view this team as the "Operational Commander" of the risk function. The team oversees the entire lifecycle of risk identification, assessment, and treatment, ensuring that MongoDB’s leadership has a clear, quantified view of the top risks facing the organization. We are not just a compliance function; we are a "Risk Intelligence" unit that empowers the business to "Think Big" while keeping our eyes wide open to the risks we accept. As the Senior Information Risk Analyst, you will serve as the subject matter expert and primary executor of our risk function. Reporting directly to the Risk Director, you will be responsible for conducting and owning the lifecycle of internal security assessments (annual + ad-hoc), applying risk methodology, producing risk memos and working with asset/risk owners across the business that powers MongoDB’s growth. This is a pivotal moment for our Risk function as we scale operations to meet the demands of a $100B+ database market while navigating an increasingly rigorous regulatory landscape (DORA, FedRAMP, NIS2). This role can be based remotely in the United States. Responsibilities Program Maturity Risk Assessment Methodology Implementation: Lead the strategic roadmap to integrate the risk matrix into the risk framework Regulatory Governance: Ensure the risk program complies with global regulations, specifically DORA (EU) regarding ICT registers and FedRAMP Rev 5 supply chain controls. Maintain the Supply Chain Risk Management (SCRM) plan and oversee strict boundary protections for the "
Employer contacts (email/phone/telegram) are hidden from the public preview — send your CV, and we will connect you directly.
Urgent question? Message @ekaterinovikova