Security Engineer

• Lead enterprise security control design and architecture across Mozilla SaaS applications and enterprise security tooling
• Conduct risk assessments and security reviews for SaaS and custom-developed applications and services
• Collaborate with security leadership on security strategy and prioritization of security projects
• Coordinate with Security Incident Response Team on incident retrospectives and follow up on security remediation
• Develop and implement cybersecurity strategies, policies, and frameworks aligned with organizational goals and regulatory requirements
• Conduct periodic corporate risk assessments and recommend measures to address identified vulnerabilities
• Act as a subject matter expert for internal teams, providing guidance on securing SaaS applications, infrastructure hardening, and data protection
• Review and approve security controls in project designs and deployments
• Ensure compliance with Mozilla security standards, such as NIST, GDPR, and other relevant regulations
• Support audits, certifications, and assessments
• Evaluate and recommend new security technologies, tools, and methodologies to strengthen the organization's cybersecurity posture
• Collaborate with IT and business units to assess and integrate security solutions
• Assist in development or acquisition of training sessions for employees to enhance cybersecurity awareness across the organization
• Provide mentorship to junior cybersecurity staff
• Provide detailed reports and dashboards on the organization's security status to senior leadership
• Communicate complex technical information to non-technical stakeholders effectively

Staff Security Engineer

Salary

Job Level

Tech Stack

About the role

Requirements