WARNING! This job is awaiting verification or has expired and may no longer be applicable
We're looking for a top-notch security engineer with a specialty in mobile and application security. In this role you will work directly on Mozilla’s FirefoxOS (Boot2Gecko) project to ensure the ongoing security of the platform and users. In this role you will analyze and assess the security of the FirefoxOS (Boot2Gecko) architecture and core applications. In addition you'll monitor current mobile and web attack trends to ensure our technologies are resilient to emerging attack techniques. This role is an exciting blend of hands-on technical security and bigger picture thinking to ensure our systems integrate effective security controls in a constantly evolving technology landscape.
- Security threat modeling of new features and architectural changes
- Code review, threat modeling and design analysis of FirefoxOS (Boot2Gecko) Architecture, Web APIs and Gaia applications
- Penetration testing and code review of high risk features and components
- Documentation of security risks, interaction with developers, and continued focus to ensure security vulnerabilities are fixed
- Continued security research into top threats for platform and technology
- Coordination with security fuzzing experts to identify key areas for fuzzing focus
- Inbound triage and response to security vulnerabilities
- Documentation and publication of security advisories
- BS in Computer Science or equivalent experience
- Solid understanding of web application attack vectors and countermeasures
- Experience working on a mobile security assessments or mobile platform analysis
- Experience assessing the risk of applications including traditional server side web applications and thick client mobile applications
- Experience with security code review, threat modeling, architectural analysis and risk assessments for web based systems
- Demonstrated experience with finding common web application security issues (XSS, CSRF, session fixation, SQL injection, information leakage, etc.)
- Solid understanding of Android and iOS security models
- Mobile OS experience is a plus
- Strong Linux/Unix background with scripting abilities
- Participation in and contributions to Open Source projects
Mozilla is a global organization, and most roles are available for remote work, but if you are near one of our offices, we're happy to provide you with a desk and the company of talented peers.
Possible locations for this position are remote or in-office in Canada, the U.K., France, New Zealand, or the U.S., or remote in Australia, Denmark, Germany, the Netherlands, Poland, or Sweden.
- Application Info
Please sign in with Google or
GitHub to view this job's application information.
This is necessary to prevent companies from receiving excessive amounts of spam.
Remote or from one of our global offices
Tramcar - Toronto-Waterloo Region Corridor Jobs