Description:
The Assurance, Risk, and Compliance (“ARC”) Initiatives team at MongoDB owns the strategy, governance, and delivery of our most critical cross-functional risk and compliance initiatives. We design and execute programs that support compliance audits, risk assessments, employee awareness and enablement, and the implementation of common control frameworks, along with consistent operating cadences that align key stakeholders, accelerate decision making, and drive the execution of initiatives that reinforce MongoDB’s assurance, risk management, and compliance objectives. We define and track key metrics and deliver clear and timely, executive reporting to provide transparency, measure progress, and ensure lasting operational resilience and governance.
We serve as the central coordination point for ARC-wide initiatives, connecting Product, Engineering, Security, and Legal teams around clear priorities, milestones, and outcomes. Our focus is on building scalable governance structures, defining decision-making frameworks, and establishing repeatable ways of working so that complex efforts can be executed consistently across the team.
The Policy Program Manager is a mid-to-senior level individual contributor role responsible for leading the development and operationalization of policies and procedures aligned to established control frameworks. You will drive end-to-end ownership of policy lifecycle management, from drafting and review through implementation and ongoing maintenance, while coordinating inputs across teams to ensure accuracy, consistency, and adoption. Additionally, you will lead documentation standardization efforts, facilitate stakeholder reviews, and perform gap analyses to continuously strengthen and mature our ARC policy framework.
Responsibilities:
- Lead the end-to-end execution of company-wide compliance programs, including the annual security policy and procedure review cycle
- Design and implement scalable frameworks for policy lifecycle management (creation, review, approval, publication, and retirement)
- Establish standards, templates, and governance processes to ensure consistency and clarity across all compliance documentation
- Maintain a centralized, audit-ready repository for policies, procedures, and supporting artifacts
- Act as the primary point of contact for cross-functional teams (HR, Legal, Engineering, Product)
- Drive alignment, gather inputs, and ensure timely completion of policy updates and compliance deliverables
- Ensure policies and procedures align with regulatory, security, and internal control requirements
- Support internal and external audits by maintaining complete, accurate, and accessible documentation
- Translate audit findings and regulatory changes into actionable policy program updates
- Maintain the integrity of project-specific Jira boards and Confluence pages. Ensure all project artifacts are organized, up-to-date, and ready for leadership review or external audit
- Develop and maintain dashboards to report on program health, completion rates, and obstacles. Present status updates and metrics to leadership
- Evaluate existing program workflows and implement improvements to increase efficiency, reduce manual effort, and improve the stakeholder experience
Requirements:
- 5-8 years of program management experience, ideally within an Information Security or high-growth technology environment
- Experience creating and managing policy and procedure programs or governance frameworks
- Deep understanding of security and compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA, NIST CSF)
- Strong proficiency in managing full-lifecycle projects, including scoping, planning, risk mitigation, and change control
- Advanced experience with Jira and Confluence, including the ability to build custom dashboards and manage complex documentation repositories
- Maintain and support a GRC/policy management platform to ensure consistent policy administration and system usability
- Excellent interpersonal skills with the ability to hold cross-functional stakeholders accountable to deadlines in a professional and effective manner
- Exceptional attention to detail and the ability to manage multiple overlapping priorities without losing sight of milestones
- A proactive, self-directed approach to work. You enjoy taking ownership of a program and building the structure necessary for its success
Responsibilities & Expectations
- You are expected to be the owner of your assigned programs. While you will work closely with technical SMEs, you are responsible for the logistical success of the workstream. Your success is measured by the timely completion of program goals, the clarity of your reporting, and your ability to anticipate and resolve project bottlenecks
- You don't just track tasks; you own the success of the program
Scope & Complexity
- The scope is horizontal and impacts multiple departments across MongoDB
- Managing complex programs that require coordination with various business units, ensuring that project delays in one area do not derail the overall compliance roadmap
Authority & Impact
- You have the authority to manage the timelines and execution steps of your assigned programs
- Your impact is reflected in the strength of policy program management and organizational readiness you drive; by overseeing and coordinating these workstreams, you ensure the Compliance team consistently meets foundational policy requirements and aligns with external audit expectations
Expertise
- You will develop deep expertise in compliance and audit operations
- You will become the go-to resource for designing, scaling, and executing policy and compliance programs within a cloud-first organization. This role is responsible for independently and collaboratively developing and managing policies and procedures, with a strong understanding of compliance frameworks and the ability to interpret and operationalize control requirements
Leadership
- Leadership in this role is demonstrated through influence and mentorship. While you may not have direct reports, you will guide cross-functional teams in developing and standardizing policies/supporting documentation, as well as provide mentorship on policy governance, standardized documentation practices, and compliance alignment
About MongoDB
MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.
With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.
Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB.
To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys.Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!
MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.
MongoDB is an equal opportunities employer.
REQ ID: 1273402887