Staff Security Engineer - Vulnerability Management and IAM
Remote US, Remote Canada
Mozilla
Mozilla is the not-for-profit behind the lightning fast Firefox browser. We put people over profit to give everyone more power online.Mozilla’s ITEO Security Engineering Team is looking for an experienced Security Engineer to help drive key programs as we continue to modernize and scale our environment. You will have direct responsibility for engineering systems in areas such as vulnerability management, IAM/PAM, and related infrastructure. You will also be involved in all other aspects of our SecEng team’s duties.
You will be hardening and guiding recommendations for Mozilla’s systems and networks, infrastructure, application security services, and company assets, while ensuring the mission of privacy and security is upheld at all times. This is a hands-on role, however you will work with many teams to guide proper security practices throughout the company as well.
As a Staff Security Engineer at Mozilla, you will…
- Design, build and deploy vulnerability management frameworks and technologies across Mozilla Corporation
- Work with the Risk Assurance team to ensure that our policies and governance are well written and achievable
- Review and improve IAM systems across MoCo. This will include new designs and implementation, as well as ensuring other teams are successfully integrated
- Design, review and improve the security controls of the organization alongside other SecEng engineers
- Write, maintain, and expand automation scripts and monitoring tools
- Protect the services which Mozilla Corporation and our products like Firefox and others depend on from attacks and abuses
- Work with developers and operations teams across the organization to keep the Firefox backend infrastructure safe
Your Professional Profile
This role will likely involve some development work as we build and improve our security tools and automation. You should be proficient in Python, and Go is a definite plus as well. You should also feel comfortable running cloud infrastructure for the code you write and documenting your applications for other ops teams to run with. Additional skills include:
- Strong infrastructure and application security knowledge, including popular web stacks, SaaS platforms, AppSec concepts, and security methodologies
- A thorough understanding of vulnerability management beyond scanning tools. Vuln Management Program experience is key, along with creative thinking on how vulns exist and come to be - especially in a software development / DevSecOps environment such as ours
- You know how modern IAM and PAM are designed and implemented, especially in mixed public cloud environments and SaaS integrations
- A B.S. in Computer Science is fantastic, but real-world experience is preferred
About Mozilla
Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.
Next Steps
If our team sounds like a good fit for you please send us your resume with a cover letter. Tell us about why you're interested in Mozilla and this position. If you contribute to any open source software, or maintain a blog, Twitter, or similar online presence we'd love to hear about it.
Mozilla is committed to Equal Employment Opportunity throughout our recruiting and hiring process and is dedicated to growing diversity in our workplace.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Group: C
#LI-REMOTE
Req ID: R1891
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation C Cloud Computer Science DevSecOps Governance IAM Monitoring Open Source Privacy Python SaaS Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs