Staff Security Engineer

MozillaMozilla·Remote(Remote Canada)
Software Development

WFA Digital Insight

The demand for skilled security engineers has surged in recent years, with a 27% increase in job postings in the last quarter alone. As a leader in the tech industry, Mozilla is at the forefront of this trend, seeking a talented Staff Security Engineer to join their team. With the rise of remote work, companies are more vulnerable to cyber threats than ever, making this role a critical component of Mozilla's security strategy. Candidates should be prepared to demonstrate their expertise in security operations and incident response, as well as their ability to collaborate with cross-functional teams.

Job Description

About the Role

Mozilla is seeking an experienced Staff Security Engineer to join their team, responsible for managing security incidents and mitigating attacks across the company's products and services. As a key member of the security team, you will be responsible for identifying and responding to security threats, designing and maintaining security alerts and playbooks, and collaborating with stakeholders to maintain a continuously improving feedback loop.

The successful candidate will have a deep understanding of security operations and incident response, with expertise in security information and event management (SIEM) systems and experience working in a fast-paced, dynamic environment. You will be part of a flexible team responsible for handling security incidents, and will need to have outstanding communication and collaboration skills to work effectively with diverse stakeholders.

What You Will Do

  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks, and escalation workflows
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post-mortem activities
  • Participate in on-call rotation
  • Collaborate with cross-functional teams to implement security controls and mitigate threats
  • Develop and maintain security documentation and training materials

What We Are Looking For

  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (e.g. ELK, Google BigQuery, Splunk, etc.)
  • Strong understanding of security principles, protocols, and technologies
  • Experience with threat intelligence and threat hunting
  • Excellent communication and collaboration skills
  • Ability to work in a fast-paced, dynamic environment
  • Strong problem-solving skills and attention to detail

Nice to Have

  • Experience with cloud-based security solutions
  • Knowledge of programming languages such as Python or Java
  • Familiarity with agile development methodologies
  • Certification in security or a related field

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a talented team of security professionals
  • Collaborative and dynamic work environment
  • Flexible working hours and remote work options
  • Access to cutting-edge security tools and technologies
  • Professional development and training opportunities
  • Recognition and reward for outstanding performance

How to Stand Out

  • Make sure to highlight your experience with SIEM systems and security operations in your resume and cover letter.
  • Be prepared to provide specific examples of your experience managing security incidents and mitigating attacks.
  • Familiarize yourself with Mozilla's products and services, and be prepared to discuss how you can contribute to the company's security strategy.
  • Develop a strong understanding of security principles and protocols, and be prepared to discuss your knowledge in an interview.
  • Consider obtaining certifications in security or a related field to demonstrate your expertise and commitment to the field.
  • Be prepared to discuss your experience working in a fast-paced, dynamic environment, and how you handle stress and pressure.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.