Complete Posting Infrastructure Security Engineer

Infrastructure Security Engineer

Mountain View, CA, CA, United States Job Type: Full-Time

We're looking for an exceptional Security Engineer to be part of the Mozilla' Infrastructure Security Team who's sole mission is to make sure Mozilla's environment is secure and safe for 350+ million users. Our gear serves updates, products, add-ons and services to over ~25% of the web and with that high profile comes constant risk of malicious attacks. This position will require coordinations between many aspects of security with a focus on vulnerability management, incident response, and event aggregation and correlation.

This individual will be a highly motivated security professional who understands vulnerability analysis and is able to perform assessments for large and complex web environment. The ideal candidate will understand common web vulnerabilities, read code, and recommend solutions.

Responsibilities:

• Perform web application assessments for php and cgi environments

• Coordinate external and internal security scanning efforts

• Evaluate findings and qualify issues in order to determine true security impact

• Coordinate remediation efforts for qualified findings with various groups within the company

• Monitor real time security logging applications for anomalies within the environment

• Provide code reviews and expertice for deployments of new systems architecture, web sites and database architectures

Requirements:

• Knowledge in software development Linux and database enviroments including MySQL and PostgreSQL

• Strong Linux/Unix background with scripting abilities

• Understand web application attack vectors and how to exploit/correct them

• Solid understanding of web application counter-measures

• Must provide remediation methods and suggest action based on vulnerability reporting

Qualified candidates should sumbit their resume to Mark Gentry