Staff Security Engineer

2 Months ago • 7 Years + • Cyber Security • $138,000 PA - $217,000 PA

Job Summary

Job Description

The Staff Security Engineer will be responsible for designing and architecting security controls and risk reduction activities across all Mozilla product, service, and support departments. This includes assessing security risks, analyzing software and system design for vulnerabilities, and building tooling to automate processes. The role involves collaborating with teams, ensuring the integrity of Mozilla’s enterprise and products, and contributing to a more secure internet. Responsibilities include leading enterprise security control design, conducting risk assessments, collaborating on security strategy, coordinating incident response, and ensuring compliance with security standards and regulations. The engineer will also be involved in technology assessment, training, and reporting.
Must have:
  • 7+ years in security consulting or architecture.
  • Experience with Identity and Access Management.
  • Experience with Mobile Device/Application Management.
  • Experience with Data Loss Prevention.
  • Experience with Endpoint Detection and Response.
Perks:
  • Generous performance-based bonus plans.
  • Rich medical, dental, and vision coverage.
  • Generous retirement contributions.
  • Quarterly company wellness days.
  • Country specific holidays plus birthday off.
  • One-time home office stipend.
  • Annual professional development budget.
  • Quarterly well-being stipend.
  • Considerable paid parental leave.
  • Employee referral bonus program.

Job Details

To learn the Hiring Ranges for this position, please select your location from the Apply Now dropdown menu.

To learn more about our Hiring Range System, please click this link.

Why Mozilla?

Mozilla Corporation is the non-profit-backed technology company that has shaped the internet for the better over the last 25 years. We make pioneering brands like Firefox, the privacy-minded web browser, and Pocket, a service for keeping up with the best content online. Now, with more than 225 million people around the world using our products each month, we’re shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies. Our work focuses on diverse areas including AI, social media, security and more. And we’re doing this while never losing our focus on our core mission – to make the internet better for people.

The Mozilla Corporation is wholly owned by the non-profit 501(c) Mozilla Foundation. This means we aren’t beholden to any shareholders — only to our mission. Along with thousands of volunteer contributors and collaborators all over the world, Mozillians design, build and distribute open-source software that enables people to enjoy the internet on their terms.

About this Team and Role

Mozilla is looking for a staff security engineer to assist with the design and architecture of security controls and risk reduction activities across all Mozilla product, service and support departments. To achieve these you will need:

  • experience assessing security risks, presenting security topics to technical and nontechnical teams.
  • Ability to analyze software and system design to identify security vulnerabilities using knowledge of state of the art vulnerabilities and attack techniques.
  • technical expertise and experience with designing and building tooling to scale and automate processes your influence and impact.
  • outstanding interpersonal skills to partner with teams across the organization and support them in reducing their risk.

Most importantly, you will assist the team responsible for ensuring the integrity of Mozilla’s enterprise and products and for keeping Mozilla’s users safe, within a company dedicated to building a more secure internet.

What You’ll Do
  • Lead enterprise security control design and architecture across Mozilla SaaS applications and enterprise security tooling
  • Conduct risk assessments and security reviews for SaaS and custom-developed applications and services
  • Collaborate with security leadership on security strategy and prioritization of security projects
  • Coordinate with Security Incident Response Team on incident retrospectives and follow up on security remediation
  • Security Strategy and Governance
  • Develop and implement cybersecurity strategies, policies, and frameworks aligned with organizational goals and regulatory requirements.
  • Conduct periodic corporate risk assessments and recommend measures to address identified vulnerabilities.
  • Internal Consulting
  • Act as a subject matter expert for internal teams, providing guidance on securing SaaS applications, infrastructure hardening, and data protection.
  • Review and approve security controls in project designs and deployments.
  • Regulatory Compliance
  • Ensure compliance with Mozilla security standards, such as NIST, GDPR, and other relevant regulations.
  • Support audits, certifications, and assessments.
  • Technology Assessment
  • Evaluate and recommend new security technologies, tools, and methodologies to strengthen the organization's cybersecurity posture.
  • Collaborate with IT and business units to assess and integrate security solutions.
  • Training and Awareness
  • Assist in development or acquisition of training sessions for employees to enhance cybersecurity awareness across the organization.
  • Provide mentorship to junior cybersecurity staff.
  • Reporting and Communication
  • Provide detailed reports and dashboards on the organization's security status to senior leadership.
  • Communicate complex technical information to non-technical stakeholders effectively.
What You’ll Bring
  • 7+ years of demonstrated ability in a security consulting or architecture role
  • Practical experience with the following technologies:
  • Identity and Access Management
  • Mobile Device / Application Management
  • Data Loss Prevention
  • Endpoint Detection and Response
  • Practical experience securing SaaS applications such as but not limited to: Google Workspace, Box, Slack, Workday, Jira and Confluence)
  • Experience securing cloud technologies such as Google Cloud, Amazon Web Services and Azure.
  • Strong written and verbal skills; ability to work effectively with diverse company partners.
  • Real-world experience in software development and/or engineering operations; B.S. in technology focused fields is helpful.
Competencies
  • Ownership and Accountability
  • Autonomy
  • High Level of Integrity
  • Clear Communication
  • Creative Problem Solver
  • Passionate about Security
What you’ll get:
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Other benefits (life/AD&D, disability, EAP, etc. varies by country)
About Mozilla

When you work at Mozilla, you give yourself a chance to make a difference in the lives of web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the web as the platform and help create more opportunity and innovation for everyone online. We’re not a normal tech company. The things we create prioritize people and their privacy over profits. We exist to make the internet a healthier, happier place for everyone.

Commitment to diversity, equity and inclusion

Mozilla believes in the value of diverse creative practices and forms of knowledge, and knows diversity, equity and inclusion are crucial to and enrich the company’s core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities and expressions.

We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at hiringaccommodation@mozilla.com to request accommodation.

We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.

 

Group: C

#LI-REMOTE 

ReqID: R2766

Similar Jobs

WireWheel - Sales Engineer

WireWheel

(On-Site)
3 Years ago
Bito - Product Designer

Bito

Pune, Maharashtra, India (Hybrid)
2 Weeks ago
Arketa - General Counsel

Arketa

San Francisco, California, United States (Remote)
1 Week ago
AI Fund - VP of Marketing

AI Fund

San Francisco, California, United States (Hybrid)
3 Months ago
WebMD - Senior Program Manager (Salesforce CPQ & Go-to-Market Operations)

WebMD

Yardley, Pennsylvania, United States (Hybrid)
1 Month ago
Survay Monkey - Information Security Analyst III

Survay Monkey

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Alpha Sense - Senior Cloud Security Engineer

Alpha Sense

Mumbai, Maharashtra, India (On-Site)
1 Month ago
bytedance - Software Engineer, Security Operation Center

bytedance

San Jose, California, United States (On-Site)
3 Months ago
endava - Senior Information Security Engineer

endava

Córdoba, Córdoba Province, Argentina (Remote)
2 Months ago
Postman - Senior Security Engineer, Application Security

Postman

San Francisco, California, United States (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Sully.ai - Contract Recruiting Lead (Sales/GTM)

Sully.ai

Mountain View, California, United States (Remote)
1 Week ago
Mixpanel - Team Lead, Sales Operations

Mixpanel

Bengaluru, Karnataka, India (Hybrid)
1 Week ago
Britive - SENIOR UI ENGINEER- BANGALORE

Britive

Bengaluru, Karnataka, India (Remote)
8 Months ago
Palo Alto Networks - Senior Consultant, Offensive Security, Proactive Services (Unit 42)

Palo Alto Networks

Fort Meade, Maryland, United States (On-Site)
1 Month ago
velotio technologies  - Backend Engineer (Python)

velotio technologies

Pune, Maharashtra, India (Remote)
2 Months ago
FlockSafety - Director, Pricing and Packaging

FlockSafety

United States (Remote)
3 Months ago
Tellius - Partnerships Manager

Tellius

(Remote)
2 Months ago
Instawork - IT Generalist

Instawork

San Francisco, California, United States (On-Site)
6 Days ago
Insight Software - Principal Software Engineer

Insight Software

Hyderabad, Telangana, India (On-Site)
6 Days ago
Mixpanel - Director, Financial Planning & Analysis

Mixpanel

San Francisco, California, United States (Hybrid)
1 Week ago

Get notifed when new similar jobs are uploaded

Jobs in United States

Penrose studios - Videographer

Penrose studios

San Francisco, California, United States (On-Site)
4 Years ago
Apple - Visual Merchandising 3D Producer

Apple

Cupertino, California, United States (On-Site)
1 Month ago
JMA - Senior Engineer - Hardware Design - Electrical - R&D

JMA

Florham Park, New Jersey, United States (On-Site)
2 Weeks ago
Patreon - Engineering Manager, Platform

Patreon

San Francisco, California, United States (Hybrid)
3 Months ago
Bebopbee - User-Acquisition Lead

Bebopbee

United States (Remote)
2 Months ago
Jane Street - Market Data Specialist

Jane Street

New York, United States (On-Site)
2 Weeks ago
Plaid  - Revenue Enablement Manager - New Hire Onboarding

Plaid

Durham, North Carolina, United States (Hybrid)
3 Weeks ago
Activision - Lead Producer

Activision

Los Angeles, California, United States (On-Site)
1 Week ago
Glocomms - Senior Cloud Engineer

Glocomms

Dallas, Texas, United States (On-Site)
2 Weeks ago
singularity 6 - Art Application Drop Box

singularity 6

Los Angeles, California, United States (Hybrid)
2 Years ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

seedify - Cyber Security Specialist

seedify

(On-Site)
1 Year ago
Survay Monkey - Software Engineer II - Security Engineering

Survay Monkey

Ottawa, Ontario, Canada (Hybrid)
1 Week ago
Larian Studios - Lead Security & Network Engineer

Larian Studios

Guildford, England, United Kingdom (On-Site)
5 Months ago
GoTo Group - Senior Cloud Security Engineer - CISO

GoTo Group

Jakarta, Jakarta, Indonesia (On-Site)
2 Weeks ago
bytedance - Software Engineer Intern (Privacy & Security - Global Payment)

bytedance

San Jose, California, United States (On-Site)
4 Months ago
Vercel - Senior Application Security Engineer

Vercel

San Francisco, California, United States (Hybrid)
2 Weeks ago
Tencent - Senior Client-Side Security Engineer

Tencent

Shenzhen, Guangdong Province, China (On-Site)
1 Month ago
Scopely - Senior Security IAM Engineer

Scopely

Barcelona, Catalonia, Spain (Hybrid)
4 Months ago
CD PROJEKT RED - Cybersecurity Specialist

CD PROJEKT RED

Warsaw, Masovian Voivodeship, Poland (On-Site)
5 Months ago
Sony Interactive Entertainment - Application Security Engineer

Sony Interactive Entertainment

Tokyo, Japan (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded