• Own security issue intake and coordination by triaging reports submitted via our established channels (including private reports through GitHub Security Advisories and our security contact process), reproducing issues where needed, coordinating fixes with maintainers, and ensuring responsible disclosure practices. • Drive timely remediation by tracking SLAs, communicating status with reporters and internal stakeholders, and coordinating releases and backports when required. • Harden our CI/CD and release workflows by improving build pipeline security, secrets management, artifact integrity, and access controls; and by reducing exposure to supply chain attacks. • Strengthen supply chain defenses by improving dependency and artifact verification, provenance, signing, and monitoring; and by hardening the paths through which third-party code and integrations enter the ecosystem. • Build preventive security practices by introducing and continuously improving security testing and scanning in our engineering workflows; including SAST/DAST where appropriate, dependency and artifact scanning, and CI/workflow static analysis. • Coordinate external security work by scoping and managing third-party audits, pentests, and targeted reviews; and by ensuring findings are remediated effectively. • Create and maintain security processes and documentation that are clear, repeatable, and community-friendly, including runbooks for incident response and disclosure. • Collaborate with the community by supporting maintainers and contributors with guidance, reviewing security-relevant pull requests, and helping raise security awareness across the project.

• Actively partner with the Senior Director, Security Engineering on the Cloud Security strategy, implementation and operationalization • Evolve, fine tune and expand our current Cloud Security posture across multiple platforms, cloud providers and systems • Develop infrastructure requirements, security controls and delivery pipeline for third party validators running Arc nodes • Recommend and validate Security controls and improvements across our infrastructure stack • Produce data-based reports on technology risk for senior management • Drive continuous improvement in the tech stack

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Mozilla is looking for an Incident Responder to monitor and mitigate attacks across Mozilla’s products and services. In this position, you will be a part of a flexible team responsible for handling security incidents. - Identify and respond to security incidents on a global scale. - Act as an incident commander to drive incidents through the entire response lifecycle. - Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability. - Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors. - Research threat intelligence reports, triage and manage resulting workflows. - Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities. - Participate in on-call rotation. Qualifications - 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT). - Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred. - Expertise with integrating and leveraging threat intelligence for detection engineering. - Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR. - Superb communication and leadership capacity; ability to partner effectively with diverse company stakeholders. - Real-world experience in software development and/or engineering operations for consumer products and services; B.S. in a technology-focused field is helpful. - Practical experience working with cloud technologies (eg. Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.). Competencies - Ownership and Accountability - Autonomy - High Level of Integrity - Clear Communication - Creative Problem Solver - Passionate about Security Benefits - Generous performance-based bonus plans to all eligible employees - we share in our success as one team. - Rich medical, dental, and vision coverage. - Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute). - Quarterly all-company wellness days where everyone takes a pause together. - Country specific holidays plus a day off for your birthday. - One-time home office stipend. - Annual professional development budget. - Quarterly well-being stipend. - Considerable paid parental leave. - Employee referral bonus program. - Other benefits (life/AD&D, disability, EAP, etc. - varies by country).

• Lead Security Product Experience & Design Engineering (SPEDE) • Drive product strategy and vision across security product offerings • Oversee end-to-end product operations and strategy • Champion product-driven thinking with engineering, design, and security • Actively coach, mentor, and grow the team