To learn the Hiring Ranges for this position, please select your location from the Apply Now dropdown menu.To learn more about our Hiring Range System, please click this link.Why Mozilla?The Mozilla Corporation is wholly owned by the non-profit 501(c) Mozilla Foundation. This means we arent beholden to any shareholders only to our mission. Along with thousands of volunteer contributors and collaborators all over the world, Mozillians design, build and distribute open-source software that enables people to enjoy the internet on their terms.About this Team and RoleMozilla is looking for a staff security engineer to assist with the design and architecture of security controls and risk reduction activities across all Mozilla product, service and support departments. To achieve these you will need:experience assessing security risks, presenting security topics to technical and nontechnical teams.Ability to analyze software and system design to identify security vulnerabilities using knowledge of state of the art vulnerabilities and attack techniques.technical expertise and experience with designing and building tooling to scale and automate processes your influence and impact.outstanding interpersonal skills to partner with teams across the organization and support them in reducing their risk.Most importantly, you will assist the team responsible for ensuring the integrity of Mozillas enterprise and products and for keeping Mozillas users safe, within a company dedicated to building a more secure internet.To learn the Hiring Ranges for this position, please select your location from the Apply Now dropdown menu.To learn more about our Hiring Range System, please click this link.Why Mozilla?Mozilla Corporation is the non-profit-backed technology company that has shaped the internet for the better over the last 25 years. We make pioneering brands like Firefox, the privacy-minded web browser, and Pocket, a service for keeping up with the best content online. Now, with more than 225 million people around the world using our products each month, were shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies. Our work focuses on diverse areas including AI, social media, security and more. And were doing this while never losing our focus on our core mission to make the internet better for people.The Mozilla Corporation is wholly owned by the non-profit 501(c) Mozilla Foundation. This means we arent beholden to any shareholders only to our mission. Along with thousands of volunteer contributors and collaborators all over the world, Mozillians design, build and distribute open-source software that enables people to enjoy the internet on their terms.About this Team and RoleMozilla is looking for a staff security engineer to assist with the design and architecture of security controls and risk reduction activities across all Mozilla product, service and support departments. To achieve these you will need:experience assessing security risks, presenting security topics to technical and nontechnical teams.Ability to analyze software and system design to identify security vulnerabilities using knowledge of state of the art vulnerabilities and attack techniques.technical expertise and experience with designing and building tooling to scale and automate processes your influence and impact.outstanding interpersonal skills to partner with teams across the organization and support them in reducing their risk.Most importantly, you will assist the team responsible for ensuring the integrity of Mozillas enterprise and products and for keeping Mozillas users safe, within a company dedicated to building a more secure internet.What Youll DoLead enterprise security control design and architecture across Mozilla SaaS applications and enterprise security toolingConduct risk assessments and security reviews for SaaS and custom-developed applications and servicesCollaborate with security leadership on security strategy and prioritization of security projectsCoordinate with Security Incident Response Team on incident retrospectives and follow up on security remediationSecurity Strategy and GovernanceDevelop and implement cybersecurity strategies, policies, and frameworks aligned with organizational goals and regulatory requirements.Conduct periodic corporate risk assessments and recommend measures to address identified vulnerabilities.Internal ConsultingAct as a subject matter expert for internal teams, providing guidance on securing SaaS applications, infrastructure hardening, and data protection.Review and approve security controls in project designs and deployments.Regulatory ComplianceEnsure compliance with Mozilla security standards, such as NIST, GDPR, and other relevant regulations.Support audits, certifications, and assessments.Technology AssessmentEvaluate and recommend new security technologies, tools, and methodologies to strengthen the organization's cybersecurity posture.Collaborate with IT and business units to assess and integrate security solutions.Training and AwarenessAssist in development or acquisition of training sessions for employees to enhance cybersecurity awareness across the organization.Provide mentorship to junior cybersecurity staff.Reporting and CommunicationProvide detailed reports and dashboards on the organization's security status to senior leadership.Communicate complex technical information to non-technical stakeholders effectively.What Youll Bring7+ years of demonstrated ability in a security consulting or architecture rolePractical experience with the following technologies:Identity and Access ManagementMobile Device / Application ManagementData Loss PreventionEndpoint Detection and ResponsePractical experience securing SaaS applications such as but not limited to: Google Workspace, Box, Slack, Workday, Jira and Confluence)Experience securing cloud technologies such as Google Cloud, Amazon Web Services and Azure.Strong written and verbal skills; ability to work effectively with diverse company partners.Real-world experience in software development and/or engineering operations; B.S. in technology focused fields is helpful.CompetenciesOwnership and AccountabilityAutonomyHigh Level of IntegrityClear CommunicationCreative Problem SolverPassionate about SecurityWhat youll get:Generous performance-based bonus plans to all eligible employees - we share in our success as one teamRich medical, dental, and vision coverageGenerous retirement contributions with 100% immediate vesting (regardless of whether you contribute)Quarterly all-company wellness days where everyone takes a pause togetherCountry specific holidays plus a day off for your birthdayOne-time home office stipendAnnual professional development budgetQuarterly well-being stipendConsiderable paid parental leaveEmployee referral bonus programOther benefits (life/AD&D, disability, EAP, etc. varies by country)About MozillaWhen you work at Mozilla, you give yourself a chance to make a difference in the lives of web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the web as the platform and help create more opportunity and innovation for everyone online. Were not a normal tech company. The things we create prioritize people and their privacy over profits. We exist to make the internet a healthier, happier place for everyone.Commitment to diversity, equity and inclusionMozilla believes in the value of diverse creative practices and forms of knowledge, and knows diversity, equity and inclusion are crucial to and enrich the companys core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities and expressions.We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at to request accommodation.We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.Group: C#LI-REMOTEReqID: R2766Hiring Ranges:$128,000 - $170,000 CAD$115,000 - $154,000 CADApply for this job*indicates a required fieldFirst Name *Last Name *Email *PhoneLocation (City) *Resume/CV *Enter manuallyAccepted file types: pdf, doc, docx, txt, rtfEnter manuallyAccepted file types: pdf, doc, docx, txt, rtfLinkedIn ProfileWebsiteHow did you hear about this job? * Select...If referred by a current Mozilla employee, please tell us who.Have you been employed by Mozilla before? * Select...If offered this position would you be able to fill the position in one of the countries listed on the job posting without relocation assistance from Mozilla? * Select...Are you authorized to work lawfully in the country to which you are applying for Mozilla? * Select...(Skip this question if you are applying to work in Canada or the UK). Do you now or in the future require sponsorship? Select...Select...I have received, read and understand the privacy notice for job applicants at Mozilla. #J-18808-Ljbffr
Job Title
Staff Security Engineer