
Staff Security Engineer, Product Security
Mozilla
full-time
Location Type: Remote
Location: Remote • 🇺🇸 United States
Salary
💰 $138,000 - $217,000 per year
Job Level
Lead
Tech Stack
Go, Java, JavaScript, Python, SDLC
About the role
- Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products.
- Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC).
- Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation.
- Perform security code reviews.
- Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts.
- Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early.
- Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases.
- Help define and enforce security policies and provide security guidance to development teams.
- Help shape Mozilla's security culture through collaboration, guidance, and education.
Requirements
- 5+ years of relevant hands-on experience in product and application security.
- 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment.
- Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review.
- Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation.
- Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams.
- Formal credentials are great, but real-world experience, curiosity, passion and a builder’s mindset matter more.
Benefits
- Generous performance-based bonus plans to all eligible employees - we share in our success as one team
- Rich medical, dental, and vision coverage
- Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
- Quarterly all-company wellness days where everyone takes a pause together
- Country specific holidays plus a day off for your birthday
- One-time home office stipend
- Annual professional development budget
- Quarterly well-being stipend
- Considerable paid parental leave
- Employee referral bonus program
- Other benefits (life/AD&D, disability, EAP, etc. - varies by country)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
secure coding practices, application security testing, threat modeling, vulnerability assessment, security code reviews, penetration testing, automation, CI/CD pipelines, Python, Java
Soft skills
communication, collaboration, problem-solving, influence, guidance