Staff Security Engineer (Product Security)

TL;DR

Staff Security Engineer (Product Security): Protecting user privacy and safety by embedding security into mission-critical products like Firefox and Mozilla VPN, with an accent on anticipating, prioritizing, and mitigating risks through proactive threat modeling, security assessments, and penetration testing. Focus on building and hardening systems, performing security code reviews, and developing automated security tests within CI/CD pipelines.

Location: This position is remote-friendly and open to most locations in the US and Canada.

Company

hirify.global is a non-profit-backed technology company shaping the internet for the better with products like Firefox, focusing on AI, social media, and security.

What you will do

• Embed security into products like Firefox and Mozilla VPN throughout the Software Development Life Cycle (SDLC).
• Anticipate, prioritize, and mitigate risks through proactive threat modeling, security assessments, and security testing.
• Perform security code reviews and lead penetration testing on web, mobile, and embedded applications.
• Develop and maintain automated security tests within CI/CD pipelines.
• Partner with engineers to integrate security as a core design principle and facilitate secure releases.
• Define and enforce security policies and provide security guidance and education to development teams.

Requirements

• 5+ years of hands-on experience in product and application security.
• Proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment.
• Experience in one or more languages like Python, Go, Java, or JavaScript for automation and code review.
• Familiarity with security tools like Burp Suite and Nessus.
• Strong communication, collaboration, and problem-solving skills.

Culture & Benefits

• Generous performance-based bonus plans.
• Rich medical, dental, and vision coverage.
• Generous retirement contributions with 100% immediate vesting.
• Quarterly all-company wellness days and country-specific holidays plus a day off for your birthday.
• One-time home office stipend, annual professional development budget, and quarterly well-being stipend.
• Considerable paid parental leave and employee referral bonus program.