CrawlJobs Logo

Staff Security Engineer

Canada; United States · Job Posted April 05, 2026
Apply Position
Job Link Share

Job Description

Mozilla is looking for an Incident Responder to monitor and mitigate attacks across Mozilla’s products and services. In this position, you will be a part of a flexible team responsible for handling security incidents. As such, you’ll need to have years of practical security experience and knowledge of the state of the art for detecting and responding to attacks. You’ll be someone Mozillians across the company depend on and trust to respond quickly and effectively in a crunch, with the outstanding communication and collaboration skills needed to work in partnership with diverse stakeholders. Most importantly, you will become a critical member of the team responsible for ensuring the integrity of Mozilla’s products and for keeping Mozilla’s users safe, within a company dedicated to building a more secure internet.

Job Responsibility

  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities
  • Participate in on-call rotation

Requirements

  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred
  • Expertise with integrating and leveraging threat intelligence for detection engineering
  • Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR
  • Superb communication and leadership capacity
  • ability to partner effectively with diverse company stakeholders
  • Real-world experience in software development and/or engineering operations for consumer products and services
  • B.S. in a technology-focused field is helpful
  • Practical experience working with cloud technologies (eg. Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.)
  • Ownership and Accountability
  • Autonomy
  • High Level of Integrity
  • Clear Communication
  • Creative Problem Solver
  • Passionate about Security

What we offer

  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Other benefits (life/AD&D, disability, EAP, etc. - varies by country)
  • Flexible work environment
  • Industry-leading paid parental leave
  • Reimbursement for professional development (up to $3,000/year)
  • A work setup including the latest hardware and software of your choice

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Staff Security Engineer

8 matching positions

New

Staff Security Engineer

We are currently looking for a Staff Security Engineer to join a fast-growing, i...
Location
Location
United Kingdom , London
Salary
Salary:
120000.00 - 150000.00 GBP / Year
dataidols.com Logo
Data Idols
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Commercial experience as a Security Engineer, Application Security Engineer, Product Security Engineer or DevSecOps Engineer
  • Strong understanding of application security principles and secure software development practices
  • Experience working closely with software engineering teams
  • Hands-on experience securing cloud environments (AWS, GCP or Azure)
  • Experience with vulnerability management, threat modelling and security reviews
  • Knowledge of CI/CD security and modern development practices
  • Excellent stakeholder management and communication skills
Job Responsibility
Job Responsibility
  • Driving application and product security initiatives across multiple engineering teams
  • Conducting security reviews, threat modelling and risk assessments
  • Implementing and improving vulnerability management processes
  • Embedding security tooling into CI/CD pipelines and development workflows
  • Partnering with developers to promote secure coding practices
  • Reviewing cloud infrastructure and architecture from a security perspective
  • Supporting incident response and remediation activities when required
  • Defining and promoting security standards, policies and best practices
  • Influencing technical decision-making across engineering and leadership teams
What we offer
What we offer
  • Hybrid working model
  • Opportunity to work on cutting-edge AI and technology products
  • High level of autonomy and influence
  • Collaborative engineering culture
  • Career progression opportunities as the business continues to scale
  • Ongoing learning and professional development
  • Pension scheme
  • Generous holiday allowance
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Our mission is to protect, defend, and secure Uber’s products, infrastructure, a...
Location
Location
United States , New York; Seattle; San Francisco; Sunnyvale
Salary
Salary:
232000.00 - 258000.00 USD / Year
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS/MS Degree in Computer Science, Engineering, or a related field.
  • 7+ years of industry experience in a software development or security engineering environment.
  • Proficiency in programming languages such as Golang, Java, or Python.
  • Deep understanding of distributed systems, high-availability, and high-performance system design.
  • Hands-on experience with Endpoint Security such as EDR, secure browser, and binary authentication.
Job Responsibility
Job Responsibility
  • Security Solution Development: Design, develop, and implement software solutions to automate and scale enterprise security defenses.
  • System Architecture: Own the platform and tools for securing enterprise systems across macOS, Windows, and Linux.
  • Technical Leadership: Set technical direction for specific projects by identifying priorities, managing expectations, and considering tradeoffs.
  • Innovation: Leverage automation and AI/ML to transform enterprise defense from human-driven to AI-driven.
  • Engineering Excellence: Champion best software engineering practices and empower teams to build a culture of quality and operational excellence.
  • Cross-Functional Collaboration: Partner with IT, product, and operations teams to integrate security posture improvements across the entire environment.
What we offer
What we offer
  • Uber's bonus program
  • equity award
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

We’re looking for an experienced security-focused engineer to help shape and sca...
Location
Location
United States , San Francisco
Salary
Salary:
235000.00 - 280000.00 USD / Year
parafin.com Logo
Parafin
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in security operations or application security, preferably in a cloud-native and regulated environment
  • Strong understanding of AWS security, including IAM, VPC, and network segmentation best practices
  • Experience with threat detection and response, vulnerability management, and incident response workflows
  • Familiarity with Kubernetes and container security principles, including RBAC, admission controls, and runtime monitoring
  • Knowledge of compliance frameworks (SOC 2, PCI DSS, ISO 27001) and how to operationalize them in engineering environments
  • Strong communication and collaboration skills — comfortable working across engineering, product, and compliance teams
Job Responsibility
Job Responsibility
  • Lead efforts to improve Parafin’s overall security posture across infrastructure, applications, and data systems
  • Develop and maintain frameworks for identity, access management, and least-privilege enforcement
  • Establish and operate best-in-class security monitoring, alerting, and incident response processes
  • Partner with product and infrastructure engineers to embed secure-by-default patterns in our systems and applications
  • Define and enforce standards for vulnerability management, secrets handling, and dependency integrity
  • Collaborate with compliance and risk teams to build and maintain controls aligned with frameworks such as SOC 2, PCI DSS, and other fintech regulations
  • Support audits and security assessments by ensuring controls are properly implemented and evidenced
  • Contribute to security awareness and training efforts across engineering teams
  • Influence long-term strategy on secure architecture, detection, and response automation
What we offer
What we offer
  • Equity grant
  • Medical, dental & vision insurance
  • Unlimited PTO
  • Work From Home flexibility
  • Commuter benefits
  • Free lunches
  • Paid parental leave
  • 401(k)
  • Employee assistance program
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Credit Genie is a mobile-first financial wellness platform designed to help indi...
Location
Location
United States , New York, NY; Philadelphia, PA; Plymouth Meeting, PA; Pittsburgh, PA; San Francisco, CA
Salary
Salary:
150000.00 - 250000.00 USD / Year
creditgenie.com Logo
Credit Genie
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS/MS/PhD in a Computer Science, Engineering or related scientific field or equivalent professional experience
  • Passionate about advocating for and implementing solutions to complex problems, at-scale, in a large multi-cloud environment
  • Prior experience in Development Operations, Software Engineering, Systems Engineering, Security Architecture, Cloud Security or Offensive Security
  • Fluent in one or more modern coding languages (Python, Go, Java, JavaScript, etc.)
  • Experience with one or more infrastructure as code tools (Terraform, Ansible, etc.)
  • Experience with AWS, GCP, Azure and/or containers (e.g. Kubernetes)
  • Able to work both independently and collaboratively, willing to work in a fast paced, high growth environment
Job Responsibility
Job Responsibility
  • Design new and improve existing security tools, ensure their operational reliability, adherence to SLAs, and strengthen the organization’s security posture through proactive monitoring and continuous improvement
  • Drive innovation by automating security processes and developing advanced methods for analyzing and responding to security findings
  • Maintain and refine custom cloud security baselines, develop and implement cloud security policies and detection rules. Build security controls that detect, prevent, and correct cloud vulnerabilities
  • Collaborate closely with engineering teams to ensure security is embedded into solution design and deployment from the ground up
  • Empathize with the full spectrum of our customers and our engineers by advocating for effective solutions that scale with the needs of our business and our customers
  • Lead threat modeling, vulnerability assessments, and penetration testing to identify and address security risks proactively. Monitor security logs and alerts to detect anomalies and coordinate incident investigations
  • Develop and maintain incident response plans, ensuring rapid detection, analysis, and mitigation of security threats
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • 100% company-paid medical, dental, and vision coverage for you and your dependents on your first day of employment
  • Receive up to $100 per month in fitness reimbursement or enjoy a complimentary full membership to LifeTime Fitness or Equinox
  • 401(k) with a 3.5% match and immediate vesting
  • Meal program available for both lunch and dinner
  • Pre-tax benefits, including a $1,000 HSA match
  • Life and accidental insurance
  • Flexible PTO
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Location
Location
Canada; United States , Ottawa; Austin; Toronto; Calgary
Salary
Salary:
Not provided
fullscript.com Logo
Fullscript
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • hands-on experience in secure software development using a core programming language (e.g., Go, Java, Ruby)
  • experience helping scale a security program in a product-led or fast-growing tech environment
  • experience working closely with engineering teams to embed security into the development lifecycle
  • experience building or leading a security initiative from scratch
  • legally eligible to work full time in Canada or US without sponsorship
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

At Cloudera, we empower people to transform complex data into clear and actionab...
Location
Location
United States , Remote
Salary
Salary:
Not provided
cloudera.com Logo
Cloudera
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience developing, deploying, or supporting security tools and services (e.g., security scanners, secrets management, policy engines) used by other engineering & security teams
  • Knowledge of DevSecOps principles and practical experience implementing security controls in CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions)
  • Experience with large-scale cloud security engineering in AWS, Azure, and Google Cloud, including automated network provisioning and secure configuration management
  • Experience with code review of one or more programming languages (Java, Python, Go, JS/TS)
  • Knowledge or experience in Kubernetes operations, security, and using tools like Helm for deployment and policy enforcement
  • Experience using and supporting Infrastructure as Code (IaC) & configuration management tools like Terraform, Cloudformation, or Ansible
  • Experience with operating or supporting security tools and platforms, including HashiCorp Vault for secrets management, Splunk for security monitoring and analytics, and CrowdStrike or similar EDR solutions for endpoint security
  • Working knowledge of web service frameworks, distributed architectures (event-driven, microservices, serverless), and their corresponding security challenges
  • Experience performing security reviews, developing and reviewing threat models, and conducting risk assessments against complex systems
Job Responsibility
Job Responsibility
  • Develop, deploy, and support self-service security tools and services that constitute the internal security platform
  • Contribute knowledge and support for security projects, including support of tool integration and implementation of new security capabilities within the platform
  • Support & improve security integrations into CI/CD pipelines (SAST, DAST, SCA, IAST, etc.) and developer workflows
  • Maintain deployment of secure multi-cloud environments (AWS, Azure, GCP) using Infrastructure as Code (e.g., Terraform, Ansible)
  • Assist with security architecture reviews of new products and features, contribute to threat models, and support adoption of security-as-code best practices
  • Work with the Site Reliability Engineering (SRE) team to maintain & respond to automated monitoring and security integrations for production systems
  • Collaborate with internal security teams to support compliance, incident response, and operational security requirements
  • Enable and support the adoption of security engineering best practices and standards across the organization
  • Evangelize the use of security platform tooling and deliver high-impact DevSecOps training and outreach to internal development & engineering teams
  • Participate members of the Security team and security advocates in advanced DevSecOps principles, platform engineering, and secure coding practices
What we offer
What we offer
  • Generous PTO Policy
  • Support work life balance with Unplugged Days
  • Flexible WFH Policy
  • Mental & Physical Wellness programs
  • Phone and Internet Reimbursement program
  • Access to Continued Career Development
  • Comprehensive Benefits and Competitive Packages
  • Paid Volunteer Time
  • Employee Resource Groups
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Fullscript is seeking a seasoned Staff Security Engineer to join our security te...
Location
Location
Canada; United States , Ottawa; Austin; Toronto; Calgary
Salary
Salary:
Not provided
fullscript.com Logo
Fullscript
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep technical expertise in application security, and secure software development
  • Experience with AI/ML security
  • Strong understanding of modern software architectures, cloud environments, and APIs
  • Proven ability to influence and mentor engineers across teams, fostering security-first thinking and best practices
  • Hands-on experience with security tooling and automation, including static/dynamic analysis, monitoring, and observability systems
  • Strong problem solving skills, able to balance security rigor with product velocity
  • Excellent communication and collaboration skills, able to translate complex security concepts to technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Lead the design and implementation of robust security architectures for Fullscript’s applications, and AI initiatives
  • Collaborate closely with engineering teams to embed security into the development lifecycle, including threat modeling, security coding practices, and design reviews
  • Drive AI security best practices, ensuring responsible deployment, and mitigation of risks such as data poisoning, prompt injection, or model exploitation
  • Mentor engineers and other security team members, fostering a culture of security awareness and technical excellence across the organization
  • Conduct technical risk assessments, security research, and code reviews to proactively identify and remediate vulnerabilities
  • Influence cross-functional teams through technical leadership, helping define security standards and strategies that scale across Fullscript’s products and AI ecosystem
  • Stay ahead of emerging threats, attack vectors, and AI-specific security challenges to guide strategic decisions for the organization’s security posture
What we offer
What we offer
  • Generous PTO and competitive pay
  • Fullscript’s RRSP match program for financial health
  • Flexible benefits package and workplace wellness program
  • Training budget and company-wide learning initiatives
  • Discount on Fullscript catalog of products
  • Ability to work Wherever You Work Well
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Mozilla is looking for a staff security engineer to assist with the design and a...
Location
Location
Canada; United States
Salary
Salary:
128000.00 - 170000.00 CAD / Year
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of demonstrated ability in a security consulting or architecture role
  • Practical experience with the following technologies: Identity and Access Management, Mobile Device / Application Management, Data Loss Prevention, Endpoint Detection and Response
  • Practical experience securing SaaS applications such as but not limited to: Google Workspace, Box, Slack, Workday, Jira and Confluence
  • Experience securing cloud technologies such as Google Cloud, Amazon Web Services and Azure
  • Strong written and verbal skills
  • ability to work effectively with diverse company partners
  • Real-world experience in software development and/or engineering operations
  • B.S. in technology focused fields is helpful
  • Competencies: Ownership and Accountability, Autonomy, High Level of Integrity, Clear Communication, Creative Problem Solver, Passionate about Security
Job Responsibility
Job Responsibility
  • Lead enterprise security control design and architecture across Mozilla SaaS applications and enterprise security tooling
  • Conduct risk assessments and security reviews for SaaS and custom-developed applications and services
  • Collaborate with security leadership on security strategy and prioritization of security projects
  • Coordinate with Security Incident Response Team on incident retrospectives and follow up on security remediation
  • Security Strategy and Governance
  • Develop and implement cybersecurity strategies, policies, and frameworks aligned with organizational goals and regulatory requirements
  • Conduct periodic corporate risk assessments and recommend measures to address identified vulnerabilities
  • Internal Consulting
  • Act as a subject matter expert for internal teams, providing guidance on securing SaaS applications, infrastructure hardening, and data protection
  • Review and approve security controls in project designs and deployments
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right