Sr Manager, Enterprise Security

Why Mozilla?

Mozilla Corporation is the non-profit-backed technology company that has shaped the internet for the better over the last 25 years. We make pioneering brands like Firefox, the privacy-minded web browser. Now, with more than 225 million people around the world using our products each month, we’re shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies. Our work focuses on diverse areas including AI, social media, security and more. And we’re doing this while never losing our focus on our core mission – to make the internet better for people. 

The Mozilla Corporation is wholly owned by the non-profit 501(c) Mozilla Foundation. This means we aren’t beholden to any shareholders — only to our mission. Along with thousands of volunteer contributors and collaborators all over the world, Mozillians design, build and distribute open-source software that enables people to enjoy the internet on their terms. 

About this team and role:

The role is part of the Security Function within the broader Mozilla Infrastructure team. The Security team supports Product, Enterprise and GRC functions across the organization aligned with the mission to build a safe & secure internet.  You will lead a team of security engineers within the Enterprise Security (InfoSec) domain. Your primary focus will be on spearheading strategic and operational initiatives, particularly in Enterprise Application, Endpoint, Data and Infrastructure security with measurable outcomes to raise the security posture of the enterprise. You will also be part of decision making for internal technology choices and enterprise architecture, ensure clear actionable policy and craft domain-specific technology roadmaps. The ideal candidate will have profound technical thought leadership, people management and stakeholder collaboration skills to drive security outcomes.

What you’ll do: 

• Lead the development and execution of enterprise security policies, technology practices and standards across the IT landscape, focused in Application, Endpoint, Data and Infrastructure security
• Define and deliver on OKR’s mapped to measurable KPI’s that improve the enterprise security posture 
• Lead enterprise security risk management including the identification, assessment and mitigation of risks inclusive of running the Security Incident Response Team.
• Bring visibility into application and infrastructure security health, drive mitigations as per SLO as well as reduce technical debts
• Collaborate with other InfoSec domains and IT to integrate security into operations and strategic initiatives
• Lead , partner and deliver on ISO compliance / GRC related gaps and remediations
• Manage a team of highly driven security engineers, establish team goals and metrics to enhance expertise
• Be a strong thought leader and clearly communicate and build support for your ideas
• Be a key advisor to the senior leadership on enterprise security risks and strategies

Your Professional Profile 

• 10+ years of progressive experience in developing and delivering an robust progressive enterprise security framework
• Strong understanding and deep knowledge of enterprise systems and services with security & compliance related best practices 
• Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc) 
• Hands-on understanding of using various technology and tools (SEIM, Vulnerability mgmt, MDM/ EDR / DLP, IdP/IAM, BI Tools)
• Ability to develop security incident Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams.
• Strong critical thinking skills with the ability to drive long term organizational impact
• A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes
• Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change

What you’ll get:

• Generous performance-based bonus plans to all eligible employees - we share in our success as one team
• Rich medical, dental, and vision coverage
• Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
• Quarterly all-company wellness days where everyone takes a pause together
• Country specific holidays plus a day off for your birthday
• One-time home office stipend
• Annual professional development budget
• Quarterly well-being stipend
• Considerable paid parental leave
• Employee referral bonus program
• Other benefits (life/AD&D, disability, EAP, etc. - varies by country)

About Mozilla 

Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.

Commitment to diversity, equity, inclusion, and belonging

Mozilla understands that valuing diverse creative practices and forms of knowledge are crucial to and enrich the company’s core mission.  We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities, and expressions.

We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at hiringaccommodation@mozilla.com to request accommodation.

We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws.  Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.

Group: C

#LI-DNI

Req ID: R2954