About the role
- As a Staff Security Engineer in Product Security, you’ll be instrumental in securing Mozilla’s products, services, and infrastructure.
- You’ll lead efforts to identify, assess, and mitigate security risks across our technology stack, ensuring the highest standards of security for our users.
- Drive security initiatives from conception to deployment, collaborating closely with engineering teams to integrate security best practices throughout the software development lifecycle.
- Work with engineering teams to conduct security reviews, threat modeling, and vulnerability assessments of new and existing products and features.
- Provide mentorship and technical guidance to junior security engineers, fostering a culture of security awareness and excellence within the organization.
- Research and implement innovative security solutions and technologies to enhance our defensive capabilities and stay ahead of emerging threats.
- Contribute to the development and enforcement of security policies, standards, and guidelines.
- Participate in incident response activities, helping to investigate and resolve security incidents effectively and efficiently.
- Stay updated with the latest security trends, vulnerabilities, and attack techniques, sharing knowledge and recommendations with the team.
What you bring
- Professional experience: 8+ years in product security, application security, or a related field, with a proven track record of leading security initiatives and mentoring others.
- Deep expertise in security principles, secure coding practices, cryptography, network security, and common web application vulnerabilities (e.g., OWASP Top 10).
- Proficiency in security tools and technologies, including SAST/DAST, vulnerability scanners, WAFs, and SIEM systems.
- Experience with security architecture reviews, threat modeling, and risk assessments.
- Familiarity with cloud security best practices (e.g., AWS, Azure, GCP) and experience securing cloud-native applications.
- Excellent communication, collaboration, and problem-solving skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
Benefits
- Generous paid time off
- Holiday Pay
- Comprehensive medical, dental, and vision insurance for you and your family
- Parental leave
- Employee wellness program (physical, mental, and financial wellness resources)
- 401(k) retirement plan with employer match
- Learning and development opportunities
- Employee referral program
About the Team
The Product Security team is a critical component of our mission to ensure a safe and secure online experience for all users. We are a dynamic and collaborative team of security professionals dedicated to protecting our products, services, and infrastructure from evolving cyber threats.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
