Staff Security Engineer

September 17

Apply Now

Receive Emails with Similar Jobs

Mozilla

WebsiteLinkedInAll Job Openings

B2C • Cybersecurity • Software

Mozilla is a non-profit organization dedicated to promoting an open and accessible internet. They are the makers of the popular Firefox browser, which emphasizes user privacy, speed, and control. Mozilla also offers a range of products that focus on internet security and privacy, including Mozilla VPN, Firefox Relay, and Mozilla Monitor. Additionally, the organization is involved in open-source projects, AI innovation, and advocating for digital rights. Mozilla aims to empower users with trustworthy technology and policies that protect privacy, support open-source AI development, and foster accountability for tech companies.

501 - 1000 employees

Founded 1998

👥 B2C

🔒 Cybersecurity

📋 Description

• Lead enterprise security control design and architecture across Mozilla SaaS applications and enterprise security tooling • Conduct risk assessments and security reviews for SaaS and custom-developed applications and services • Collaborate with security leadership on security strategy and prioritization of security projects • Coordinate with Security Incident Response Team on incident retrospectives and follow up on security remediation • Develop and implement cybersecurity strategies, policies, and frameworks aligned with organizational goals and regulatory requirements • Conduct periodic corporate risk assessments and recommend measures to address identified vulnerabilities • Act as a subject matter expert for internal teams, providing guidance on securing SaaS applications, infrastructure hardening, and data protection • Review and approve security controls in project designs and deployments • Ensure compliance with Mozilla security standards, such as NIST, GDPR, and other relevant regulations • Support audits, certifications, and assessments • Evaluate and recommend new security technologies, tools, and methodologies to strengthen the organization's cybersecurity posture • Collaborate with IT and business units to assess and integrate security solutions • Assist in development or acquisition of training sessions for employees to enhance cybersecurity awareness across the organization • Provide mentorship to junior cybersecurity staff • Provide detailed reports and dashboards on the organization's security status to senior leadership • Communicate complex technical information to non-technical stakeholders effectively

🎯 Requirements

• 10+ years of demonstrated ability in a security consulting or architecture role • Experience assessing security risks, presenting security topics to technical and nontechnical teams • Ability to analyze software and system design to identify security vulnerabilities using knowledge of state of the art vulnerabilities and attack techniques • Technical expertise and experience with designing and building tooling to scale and automate processes • Outstanding interpersonal skills to partner with teams across the organization and support them in reducing their risk • Practical experience with Identity and Access Management • Practical experience with Mobile Device / Application Management • Practical experience with Data Loss Prevention • Practical experience with Endpoint Detection and Response • Practical experience securing SaaS applications such as Google Workspace, Box, Slack, Workday, Jira and Confluence • Experience securing cloud technologies such as Google Cloud, Amazon Web Services and Azure • Strong written and verbal skills; ability to work effectively with diverse company partners • Real-world experience in software development and/or engineering operations; B.S. in technology focused fields is helpful

🏖️ Benefits

• Generous performance-based bonus plans to all eligible employees - we share in our success as one team • Rich medical, dental, and vision coverage • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute) • Quarterly all-company wellness days where everyone takes a pause together • Country specific holidays plus a day off for your birthday • One-time home office stipend • Annual professional development budget • Quarterly well-being stipend • Considerable paid parental leave • Employee referral bonus program • Other benefits (life/AD&D, disability, EAP, etc. varies by country)