Staff Security Engineer

Mozilla Corporation is a nonprofit-backed technology company known for developing open-source internet products including the Firefox web browser. With hundreds of millions of users worldwide, Mozilla focuses on building a more open, secure, and privacy-respecting internet. This role focuses on monitoring and responding to security incidents across Mozilla’s products and infrastructure while developing detection systems, threat intelligence processes, and automated response workflows.

Mozilla is seeking a Staff Security Engineer to support global security operations by identifying and responding to security incidents affecting its products and infrastructure. In this role, you will help protect Mozilla’s services and users by monitoring threats, coordinating incident response activities, and improving detection and response systems. Working within the security team, you will collaborate with engineering, operations, and product teams to strengthen defenses, investigate potential threats, and implement scalable security automation solutions.

Responsibilities:
- Identify, analyze, and respond to security incidents affecting Mozilla’s platforms and services.
- Act as incident commander and coordinate response activities throughout the incident lifecycle.
- Develop and maintain security alerts, automation workflows, and incident response playbooks.
- Conduct proactive threat hunting and analyze threat intelligence reports.
- Monitor security telemetry and improve detection strategies for emerging threats.
- Collaborate with cross-functional teams to improve incident response processes and system resilience.

Requirements:
- Minimum of 5 years of experience managing security incidents or working in SOC, PSIRT, or CSIRT environments.
- Expertise with security information and event management systems such as Splunk, ELK, or Google BigQuery.
- Experience integrating threat intelligence into detection and response processes.
- Familiarity with security orchestration and automation platforms such as Tines or Splunk SOAR.
- Experience working with cloud platforms including AWS, Google Cloud, or Microsoft Azure.
- Strong communication and leadership skills for coordinating incident response across teams.

Benefits:
- Performance-based bonus opportunities.
- Comprehensive medical, dental, and vision coverage.
- Retirement contributions with immediate vesting.
- Professional development and home office stipends.

This role provides an opportunity to help secure widely used internet technologies while contributing to Mozilla’s mission of building a safer and more open internet.