Staff Security Engineer - Governance, Risk and Compliance (GRC) at Mozilla
🔭 Our mission & vision
US Tier 1 Locations: $163,000.00 USD - $239,000.00 USD
US Tier 2 Locations: $150,000.00 USD - $220,000.00 USD
US Tier 3 Locations: $138,000.00 USD - $270,000.00 USD
To learn more about our Hiring Range System, please click this link.
The Security Assurance and Risk team is a community of engineers who care deeply about ensuring that Mozilla products, services and infrastructure is secure and private. We are responsible for the governance, risk and compliance of security standards, collaborating with all Mozilla departments for the most secure and private consumer experience.
Are you interested in helping to secure Mozilla products and services? If so, we’d love to hear from you. Feel good about your work again! Pursue your future while working to protect the future of the internet for everyone, everywhere.
What you’ll get to do
Lead the implementation of; and ongoing governance and compliance of a security framework
Contribute directly to design and execution of high quality, thorough cybersecurity maturity assessments and threat risk assessments of different business and technical processes and controls
Demonstrate in-depth technical capabilities and professional knowledge. Candidates should be current on the modern cybersecurity control environment and threat landscape related to several industries
Establish consulting level relationships with internal partners from different Mozilla departments.
Demonstrate and apply a thorough understanding of security controls and how they apply to infrastructure security, cloud security, application security and others.
Perform 3rd party vendor risk assessments
What you’ll bring
Knowledge and 5+ years of hands-on experience in cyber security governance, risk and compliance
Experience running cyber security and risk assessments using industry known frameworks such as, but not limited to: NIST, CIS, CoBiT, ISO27001
Familiarity with other industry security or privacy regulations: PCI-DSS, GDPR, FIPPA, HIPPA etc
Strategic planning and road-mapping of security control implementation
Subject matter expertise with at least 5 of the following:
Network & infrastructure security,
Dev sec ops
Risk and compliance
Possession of one or more of the following cyber security-related certifications: CISSP, CISM, CISA, CRISC, GSEC or equivalent
Experience in working independently and as part of a team to create high quality deliverables and reporting
Excellent analytical skills
Leadership and mentoring skills
Excellent interpersonal, written, verbal, communication, and presentation skills
Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.
Commitment to diversity, equity, inclusion, and belonging
Mozilla understands that valuing diverse creative practices and forms of knowledge are crucial to and enrich the company’s core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities, and expressions.
We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at firstname.lastname@example.org to request accommodation.
We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.
Req ID: R2106
Responsibilities & tasks
Skills & qualifications
About the team
How to applyApply nowApply for this job
Is something wrong with this job posting? Doesn't match your idea of good?
Let us know and help us maintain the quality of jobs.