Senior Security Engineer – Add-ons Operations
Location: Germany
Posted: 5 days ago
Salary: €68K - €91K / year
Seniority: Senior
Job Description
Mozilla
- Deliver major features and architectural improvements across the Add-ons stack, including automated moderation pipelines, Reviewer tools, and DevHub.
- Create robust observability systems and data-backed insights.
- Provide peer feedback, share knowledge and help others grow.
- Improve platform reliability through deployments, monitoring, and incident response.
- Help keep the platform safe and trustworthy, with attention to security and user trust.
- Step in to resolve issues impacting users and developers, from small bugs to larger incidents.
- Collaborate with designers, product managers, QA, and community contributors to deliver end-to-end improvements.
- Contribute in the open through pull requests, code reviews, and discussions.
- Work on:
  - Full stack development: React/TypeScript frontends, Django backend, MySQL datastore.
  - Platform reliability: deployments, monitoring, and incident response on Google Cloud.
  - Feature development: submission flows, trust and safety signals, DevHub and Reviewer tools modernization.
  - Ecosystem moderation: abuse report management, policy compliance, and ecosystem safety.
  - Open collaboration: We work in the open, with contributions from Mozilla staff and community members.
Job Requirements
- Experience building modern web applications.
- Strong experience with Python/Django or similar backend frameworks.
- Understanding of web security principles and practices.
- Strong collaboration and communication skills in a distributed team environment.
- Adept at navigating ambiguity, exploring solutions, and shaping direction in new problem spaces.
- Commitment to our values:
  - Welcoming differences
  - Being relationship-minded
  - Practicing responsible participation
  - Having grit
- Bonus points for:
  - Experience in building automated security systems.
  - Exposure to cloud infrastructure (Google Cloud or similar).
  - Contributions to open source projects.
  - Experience with policy-compliant ecosystem moderation tools.
Benefits
- Generous performance-based bonus plans for all eligible employees - we share in our success as one team
- Rich medical, dental, and vision coverage
- Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
- Quarterly all-company wellness days where everyone takes a pause together
- Country-specific holidays plus a day off for your birthday
- One-time home office stipend
- Annual professional development budget
- Quarterly well-being stipend
- Considerable paid parental leave
- Employee referral bonus program
- Other benefits (life/AD&D, disability, EAP, etc. - varies by country)


