What are the responsibilities and job description for the Senior Security Engineer, Infrastructure Security position at Mozilla?

Senior Security Engineer, Infrastructure Security

Team : Security Locations : Remote Canada, Remote US

To learn the Hiring Ranges for this position, please select your location from the Apply Now dropdown menu.

To learn more about our Hiring Range System, please click this link.

Why Mozilla?

The Mozilla Corporation is wholly owned by the non-profit 501(c) Mozilla Foundation. This means we aren’t beholden to any shareholders — only to our mission. Along with thousands of volunteer contributors and collaborators all over the world, Mozillians design, build and distribute open-source software that enables people to enjoy the internet on their terms.

About this team and role :

Mozilla’s Infrastructure Security team is growing! We are looking for security practitioners to reduce risk in our systems and applications, and ensure our products live up to Mozilla’s dedication to privacy and a joyful Internet.

Working closely with partners across Site Reliability Engineering (SRE), IT, and along with other departments across Mozilla, the Security Engineer ensures that systems and services are secured through the implementation of technical and administrative security controls.

Successful candidates will have meaningful experience in one or more areas like GCP / AWS / Azure cloud security techniques, data security methodologies, vulnerability management and have extensive experience with security in all varieties of infrastructure.

As a Senior Security Engineer, you will be hardening and guiding recommendations for Mozilla’s systems and networks, infrastructure, application security services, and company assets, while ensuring the mission of privacy and security is upheld at all times. This is a hands-on role, and you will collaborate with other teams to guide proper security practices throughout the company.

What you’ll do :

Protect the services our products like Firefox, Pocket, etc depend on from security risks and attacks
Design, implement, and maintain tooling, systems and processes for securing our cloud infrastructure
Design, review and improve the security controls of the organization
Write, maintain, and expand security automation and monitoring tools
Work with developers and operations across the organization to keep infrastructure safe
Work with cross functional teams, building relationships and fostering collaboration to reach shared goals
Continually work to improve Mozilla’s security posture by partnering and supporting other parts of the cybersecurity organization as well as contributing to improving security practices and procedures
Help to level-up the skills of your fellow engineers through security reviews, giving talks and presentations, and / or writing documentation
Work with driven, committed team members to bring the open web to people around the world

What you’ll bring :

3 years of relevant hands-on experience in a cybersecurity domain designing, publishing and building security practices.

3 years of experience translating technical and administrative security controls into actionable platform configurations.

3 years of experience in any cybersecurity domain(s).

A B.S. in Computer Science or relevant certifications would be lovely, but passion, curiosity, and real-world experience are preferred.

Strong infrastructure security knowledge, from high level architectural concepts down to the implementation

Experience securing large-scale deployments in major cloud stacks (AWS, GCP, or Azure), including automating controls and use of API functions.

Security architecture background and experience, public cloud and on-premise.

Proficiency in using Terraform and Github Actions to automate the deployment and security configuration of infrastructure

Experience with CNAPP / CSPM / CWPP solutions

Experience with Web Application Firewalls

Experience with Container Security (understanding how to secure containerized applications)

Experience in vulnerability management

Experience working with DevOps or SRE teams to improve security within CI / CD pipelines

Development skills primarily in Python and Go. You should feel comfortable operating the services for the code you write and documenting it for others.

Log aggregation and analysis techniques, and you're familiar with the concepts of common SIEM technology such as Splunk.

Experience in ensuring compliance with CIS benchmarks

Writing documentation and proposals “skills”

Experience work tracking in JIRA

Interest in and ability to work with a distributed team (requires good asynchronous written communication skills as well as good verbal communication skills)

Happy to provide and receive constructive feedback

Will contribute by asking questions and proposing new ideas

A love of working with others collaboratively

Commitment to our values :

Being relationship-minded

Having grit

If your experience is close but doesn’t fulfill all requirements, please apply! Mozilla has a commitment to furthering our values by hiring individuals with diverse backgrounds, perspectives, and experiences.

What you’ll get :

Generous performance-based bonus plans to all eligible employees - we share in our success as one team

Rich medical, dental, and vision coverage

Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)

Quarterly all-company wellness days where everyone takes a pause together

Country specific holidays plus a day off for your birthday

One-time home office stipend

Quarterly well-being stipend

Considerable paid parental leave

Employee referral bonus program

Other benefits (life / AD&D, disability, EAP, etc. - varies by country)

About Mozilla

Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.

Commitment to diversity, equity, inclusion, and belonging

Mozilla understands that valuing diverse creative practices and forms of knowledge are crucial to and enrich the company’s core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientation s, gender identities, and expressions.

We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at hiringaccommodation@mozilla.com to request accommodation.

We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.

At Mozilla, we’re serving humanity—by maintaining a safe, open internet—while alsohelping the individual humans employed here to reach their personal andprofessional goals. With a relatively small team serving hundreds of millions ofpeople, a culture of exploration, and a commitment to mentorship, opportunitiesabound to learn and grow at Mozilla.

Purpose is built into our work, with our mission driving every decision

We challenge assumptions, the status quo, ourselves, and each other

We are transparent : in our code, our business partnerships, and our everydayinteractions

We seek out people from diverse backgrounds and with perspectives differentfrom our own

We pair purpose with performance and put people ahead of profit

Our impact is global

1000 paid staff from over 30 countries

Thousands of volunteer contributors across six continents

2 global offices : Berlin and Toronto

9 coworking space locations : San Francisco, San Mateo, London, Paris, Portland, Tulsa, Vancouver, Chicago, and Bellevue

Hundreds of home offices globally

Our benefits are world-class

Flexible work environment (majority of Mozillians work remotely)

Industry-leading paid parental leave (up to 26 weeks of fully paid leave forchildbearing parents and up to 12 weeks for non-childbearing parents)

Reimbursement for professional development (up to $3,000 / year)

A work setup including the latest hardware and software of your choice

J-18808-Ljbffr

Salary : $3,000

Apply for this job

Receive alerts for other Senior Security Engineer, Infrastructure Security job openings

Senior Security Engineer, Infrastructure Security

What are the responsibilities and job description for the Senior Security Engineer, Infrastructure Security position at Mozilla?

What is the career path for a Senior Security Engineer, Infrastructure Security?

Job openings at Mozilla

Not the job you're looking for? Here are some other Senior Security Engineer, Infrastructure Security jobs in the San Francisco, CA area that may be a better fit.

We don't have any other Senior Security Engineer, Infrastructure Security jobs in the San Francisco, CA area right now.

AI Assistant is available now!