Staff Security Engineer, Product Security

Posted 19 days agoViewed

116000 - 171000 CAD per year

United States, CanadaFull-TimeProduct Security

Company:Mozilla

Location:United States, Canada

Languages:English

Seniority level:Staff, 5+ years

Experience:5+ years

Skills:

AWSPythonSoftware DevelopmentCloud ComputingCybersecurityGCPJavaJavascriptAzureCI/CDLinuxDevOps

Requirements:

5+ years of relevant hands-on experience in product and application security. 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment. Experience in one or more languages like Python, Go, Java, or JavaScript. Familiarity with security tools like Burp Suite, Nessus, and CI/CD automation tools. Strong communication, collaboration, and problem-solving skills.

Responsibilities:

Safeguard users by embedding security into mission-critical products. Ensure software products are secure throughout the SDLC. Anticipate, prioritize, and mitigate risks through proactive measures. Perform security code reviews. Lead penetration testing and guide remediation efforts. Develop and maintain automated security tests in CI/CD pipelines. Partner with engineers to integrate security into the SDLC. Define and enforce security policies. Shape Mozilla's security culture through collaboration and education.