Senior Security Engineer - Vulnerability Management - INTERNAL - Mana Job Board None Bookmark Share Print 185 0 1

Listing Description



The recruiter of this position: Carla Blackwell-Bremby

 

The manager of this position: Rose Frost

 

The ideal level for this role: P3

 

A few must have skills: Experience with popular vulnerability scanning and management tools such as Nessus, OpenVAS, or Twistlock, 4+ years of security experience, good understanding of threat modeling and risk analysis.


 





Why Mozilla?


Mozilla Corporation is the non-profit-backed technology company behind pioneering brands like Firefox, the privacy-minded web browser, and Pocket, the content discovery platform. More than 270 million people around the world use its products each month.Along with 20,000+ volunteer contributors and collaborators all over the world, Mozilla Corporation’s staff are driven by our vision to be the trusted guide through a joyful internet. We design, build and distribute software that enables people to enjoy the internet on their terms.


Risk Management at Mozilla


As part of Security Assurance, our team is a vital part of how security works at Mozilla. We help engineers, product managers, lawyers, and everyone else across Mozilla understand where their risks are, and how to mitigate them. We do this through risk assessments, security testing and red team exercises, setting standards and policy, and helping our developers build the most secure software they can, so we can protect our users.


What you’ll do: 



  • Collaborate with others to design and craft automated systems for identifying, triaging, and remediating vulnerabilities across Mozilla.

  • Coordinate with infrastructure and software engineering teams across Mozilla to assess how to best extend vulnerability management coverage into their areas.

  • Keep abreast of new security vulnerabilities and proactively engage with the vulnerability management program to identify and arrange for the remediation of Mozilla systems.

  • Help ensure that service level agreements for fixing found issues are followed.

  • Be a member of Mozilla’s Web Bug Bounty award committee.

  • Occasionally contribute to other team work areas such as security testing, risk assessment, and application security.


What you’ll bring:



  • 4+ years of security experience.

  • Experience with popular vulnerability scanning and management tools such as Nessus, OpenVAS, or Twistlock. If you have experience with other tools, that is also great.

  • Comfortable collaborating across teams and functional areas.

  • Good understanding of threat modeling and risk analysis.


Bonus points for…




  • Software engineering experience




Group: D


#LI-REMOTE


Req ID: R2163



Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!