Staff Security Engineer - Governance, Risk and Compliance (GRC) at Mozilla

Posted on:
February 23, 2023

Job Description

Hiring Ranges:

US Tier 1 Locations: $163,000.00 USD - $239,000.00 USD

US Tier 2 Locations: $150,000.00 USD - $220,000.00 USD

US Tier 3 Locations: $138,000.00 USD - $270,000.00 USD


To learn more about our Hiring Range System, please click this link.

The Security Assurance and Risk team is a community of engineers who care deeply about ensuring that Mozilla products, services and infrastructure are secure and private. We are responsible for the governance, risk and compliance of security standards, collaborating with all Mozilla departments for the most secure and private consumer experience.

Are you interested in helping to secure Mozilla products and services? If so, we’d love to hear from you. Feel good about your work again! Pursue your future while working to protect the future of the internet for everyone, everywhere.

What you’ll get to do

Lead the implementation, ongoing governance and compliance of a security framework

Contribute directly to design and execution of high quality, thorough cybersecurity maturity assessments and threat risk assessments of different business and technical processes and controls

Demonstrate in-depth technical capabilities and professional knowledge. Candidates should be current on the modern cybersecurity control environment and threat landscape related to several industries

Establish consulting level relationships with internal partners from different Mozilla departments.

Demonstrate and apply a thorough understanding of security controls and how they apply to infrastructure security, cloud security, application security and others. 

Perform 3rd party vendor risk assessments

What you’ll bring

Knowledge and 5+ years of hands-on experience in cyber security governance, risk and compliance 

Experience running cyber security and risk assessments using industry-known frameworks such as, but not limited to: NIST, CIS, COBIT, ISO 27001

Familiarity with other industry security or privacy regulations: PCI-DSS, GDPR, FIPPA, HIPAA, etc.

Strategic planning and road-mapping of security control implementation

Subject matter expertise with at least 5 of the following:

Network & infrastructure security

Cloud security

Threat detection

Incident response

Vulnerability management

SDLC security

DevSecOps

Security governance

Risk and compliance

Security architecture

Data protection

Possession of one or more of the following cyber security-related certifications: CISSP, CISM, CISA, CRISC, GSEC or equivalent

Experience in working independently and as part of a team to create high quality deliverables and reporting

Excellent analytical skills

Leadership and mentoring skills 

Excellent interpersonal, written, verbal, communication, and presentation skills

About Mozilla 

Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.

Commitment to diversity, equity, inclusion, and belonging

Mozilla understands that valuing diverse creative practices and forms of knowledge is crucial to and enriches the company’s core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities, and expressions.

We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at to request accommodation.

We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws.  Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.

Group: C


Req ID: R2106
