We’re looking for a Staff Security Engineer to join our Product Security team, contributing to the security design, implementation, and deployment of a variety of products and services. You will be responsible for defining and driving our product security strategy while working closely with our product and engineering teams. You’ll have the opportunity to make a significant impact on the security posture of Mozilla’s product portfolio and ensure the privacy and safety of millions of users.
About the Team
The Product Security team is at the forefront of protecting Mozilla’s users and products. We work across all product lines, including Firefox, VPN, Pocket, and more, ensuring security is built-in from the ground up. Our team is passionate about open-source and believes in a secure, open, and accessible internet for all.
What you’ll do
- Lead the security design, implementation, and deployment of Mozilla products and services, ensuring they meet the highest security standards.
- Collaborate with engineering and product teams to integrate security into the entire software development lifecycle (SDLC), from conception to release.
- Conduct security reviews, threat modeling, and vulnerability assessments of existing and new products.
- Develop and implement security best practices, policies, and guidelines across the organization.
- Respond to security incidents, analyze root causes, and implement corrective actions.
- Mentor and guide junior security engineers, fostering a culture of security awareness and continuous improvement.
- Stay up-to-date with the latest security trends, vulnerabilities, and technologies, and apply this knowledge to enhance our product security posture.
- Work with cross-functional teams to automate security tasks and integrate security tools into our CI/CD pipelines.
What you bring
- Proven experience as a Senior or Staff Security Engineer in a product-focused environment.
- Deep understanding of web application security, mobile security, cloud security, and cryptographic principles.
- Strong proficiency in programming languages such as Python, Go, Rust, or JavaScript.
- Experience with security tools and technologies (e.g., SAST, DAST, WAF, IDS/IPS).
- Excellent communication, collaboration, and problem-solving skills.
- Ability to work independently and as part of a distributed team.
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
Bonus points for
- Experience with open-source projects and communities.
- Relevant security certifications (e.g., OSCP, CISSP).
- Experience with privacy-enhancing technologies.
About Mozilla
At Mozilla, we’re a global community of technologists, thinkers, and builders working together to keep the Internet a global public resource, open and accessible to everyone. Our mission is to promote openness, innovation & opportunity on the Web and in the world.
Perks of working at Mozilla
- Comprehensive health, dental, and vision insurance
- Paid time off and holidays
- 401(k) matching
- Employee stock purchase program
- Professional development opportunities
- Remote-first work environment
- Open and inclusive company culture
