Senior Security Engineer - Vulnerability Management
Remote Canada
Mozilla
Mozilla is the not-for-profit behind the lightning fast Firefox browser. We put people over profit to give everyone more power online.Why Mozilla?
Mozilla Corporation is the non-profit-backed technology company behind pioneering brands like Firefox, the privacy-minded web browser, and Pocket, the content discovery platform. More than 270 million people around the world use its products each month.Along with 20,000+ volunteer contributors and collaborators all over the world, Mozilla Corporation’s staff are driven by our vision to be the trusted guide through a joyful internet. We design, build and distribute software that enables people to enjoy the internet on their terms.
Risk Management at Mozilla
As part of Security Assurance, our team is a vital part of how security works at Mozilla. We help engineers, product managers, lawyers, and everyone else across Mozilla understand where their risks are, and how to mitigate them. We do this through risk assessments, security testing and red team exercises, setting standards and policy, and helping our developers build the most secure software they can, so we can protect our users.
What you’ll do:
- Collaborate with others to design and craft automated systems for identifying, triaging, and remediating vulnerabilities across Mozilla.
- Coordinate with infrastructure and software engineering teams across Mozilla to assess how to best extend vulnerability management coverage into their areas.
- Keep abreast of new security vulnerabilities and proactively engage with the vulnerability management program to identify and arrange for the remediation of Mozilla systems.
- Help ensure that service level agreements for fixing found issues are followed.
- Be a member of Mozilla’s Web Bug Bounty award committee.
- Occasionally contribute to other team work areas such as security testing, risk assessment, and application security.
What you’ll bring:
- 4+ years of security experience.
- Experience with popular vulnerability scanning and management tools such as Nessus, OpenVAS, or Twistlock. If you have experience with other tools, that is also great.
- Comfortable collaborating across teams and functional areas.
- Good understanding of threat modeling and risk analysis.
Bonus points for…
-
Software engineering experience
About Mozilla
Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.
Commitment to diversity, equity, inclusion, and belonging
Mozilla understands that valuing diverse creative practices and forms of knowledge are crucial to and enrich the company’s core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities, and expressions.
We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at hiringaccommodation@mozilla.com to request accommodation.
We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.
Group: D
#LI-REMOTE
Req ID: R2163
Tags: Application security Nessus OpenVAS Privacy Red team Risk analysis Risk assessment Risk management Twistlock Vulnerabilities Vulnerability management
Perks/benefits: Health care Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs