Incident Response Lead

Portland, Seattle, L.A, Denver, Chicago, San Antonio, Austin, Philadelphia, Raleigh, DC

Mozilla logo
Apply now Apply later

Posted 3 weeks ago

A lot of companies say they’re “driven by their mission”. Our unique corporate structure guarantees that every decision we make upholds our mission: to make sure the internet stays available, safe, and welcoming to everyone. Beholden to neither shareholders nor investors, Mozilla Corporation is wholly owned by the not-for-profit Mozilla Foundation.

Along with 20,000+ volunteer contributors and collaborators all over the world, Mozilla Corporation’s staff designs, builds, and distributes software that allows people to enjoy the internet on their own terms. Our flagship product — the Firefox browser — has expanded into a family of products that protects users and alerts them of risks. Mozilla’s Emerging Technologies group incubated and sponsors Rust — Stack Overflow’s “most loved programming language” for the last four years — and is building safe, private versions of virtual reality, internet of things, and voice recognition.

Mozilla is looking for an Incident Response Manager to lead a small, dedicated team responsible for monitoring and responding to attacks across Mozilla’s products and enterprise. In this position, you will get a chance to build this team and to lead initiatives to grow Mozilla’s capacity to detect and respond to security incidents. As such, you’ll need to have years of practical experience handling security incidents, knowledge of the state of the art for detecting and responding to attacks, and depth of technical expertise with designing and building threat detection systems. You’ll also need to have outstanding communication and collaboration skills in order to manage incidents in partnership with diverse stakeholders and company leadership. Most importantly, you will become a critical member of the team responsible for ensuring the integrity of Mozilla’s enterprise and products and for keeping Mozilla’s users safe, within a company dedicated to building a more secure internet.

Responsibilities and Duties

  • Serve as the primary individual responsible at Mozilla for managing through security incidents in both our products and enterprise.
  • Lead the Incident Response team; ensure incident identification, assessment, communication, mitigation, and recovery.
  • Define strategies for threat detection, alerting, and response; implement strategies in partnership with engineering operations.
  • Work with and communicate effectively with product leaders to proactively and reactively to detect and respond to attacks.
  • Define processes and maturing ‘playbooks’ of operational response to incidents.

Qualifications and Skills

  • 5 - 10 years experience managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Community Emergency Response Teams (CERT), and Computer Security Incident Response Teams (CSIRT).
  • Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.).
  • Practical experience working with with cloud technologies (eg. Amazon Web Services, Google Cloud Platform, Heroku, Microsoft Azure, etc.)
  • Superb communication and leadership capacity; ability to partner effectively with diverse company stakeholders.
  • Real-world experience in software development and/or engineering operations; B.S. in technology focused field is preferred.


  • Ownership and Accountability
  • Autonomy
  • High Level of Integrity
  • Clear Communication
  • Creative Problem Solver
  • Passionate about Security

About Mozilla

Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.

We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender (with or without sexual conduct), gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. We will provide reasonable accommodation to an employee or job applicant with a disability.

Group: C


Job tags: Azure C CSIRT Google Incident response Internet of Things Military SIEM Splunk Threat detection