URL

http://www.mozilla.org

Headquarters

United States

Twitter

MozCareers

Facebook

mozilla

Company's Other Jobs

Click to view

WARNING! This job is awaiting verification or has expired and may no longer be applicable
Category

System Administration

Posted

2013-05-27 09:46

Description

We're looking for a top-notch security engineer with a specialty in mobile and application security. In this role you will work directly on Mozilla’s FirefoxOS (Boot2Gecko) project to ensure the ongoing security of the platform and users. In this role you will analyze and assess the security of the FirefoxOS (Boot2Gecko) architecture and core applications. In addition you'll monitor current mobile and web attack trends to ensure our technologies are resilient to emerging attack techniques. This role is an exciting blend of hands-on technical security and bigger picture thinking to ensure our systems integrate effective security controls in a constantly evolving technology landscape.

Responsibilities:

  • Security threat modeling of new features and architectural changes
  • Code review, threat modeling and design analysis of FirefoxOS (Boot2Gecko) Architecture, Web APIs and Gaia applications
  • Penetration testing and code review of high risk features and components
  • Documentation of security risks, interaction with developers, and continued focus to ensure security vulnerabilities are fixed
  • Continued security research into top threats for platform and technology
  • Coordination with security fuzzing experts to identify key areas for fuzzing focus
  • Inbound triage and response to security vulnerabilities
  • Documentation and publication of security advisories

Requirements:

  • BS in Computer Science or equivalent experience
  • Solid understanding of web application attack vectors and countermeasures
  • Experience working on a mobile security assessments or mobile platform analysis
  • Experience assessing the risk of applications including traditional server side web applications and thick client mobile applications
  • Experience with security code review, threat modeling, architectural analysis and risk assessments for web based systems
  • Demonstrated experience with finding common web application security issues (XSS, CSRF, session fixation, SQL injection, information leakage, etc.)
  • Solid understanding of Android and iOS security models
  • Mobile OS experience is a plus
  • Strong Linux/Unix background with scripting abilities
  • Participation in and contributions to Open Source projects

Mozilla is a global organization, and most roles are available for remote work, but if you are near one of our offices, we're happy to provide you with a desk and the company of talented peers.

Possible locations for this position are remote or in-office in Canada, the U.K., France, New Zealand, or the U.S., or remote in Australia, Denmark, Germany, the Netherlands, Poland, or Sweden.

Application Info

Please sign in with Google or GitHub to view this job's application information. This is necessary to prevent companies from receiving excessive amounts of spam.

Country

Anywhere*

Location

Remote or from one of our global offices

Tramcar - Toronto-Waterloo Region Corridor Jobs