Tech Stack

Description

You will be part of a team responsible for monitoring and mitigating attacks across Mozilla's products and services, acting as an incident commander to drive incidents through the response lifecycle, and conducting threat hunting to ensure the integrity of Mozilla's products.

Requirements

• 5+ years managing security incidents at a global scale or experience in SOC, PSIRT, CSIRT
• Expertise with SIEM systems (ELK, BigQuery, Splunk preferred)
• Expertise integrating threat intelligence for detection engineering
• Expertise with SOAR platforms (Tines or Splunk SOAR)
• Superb communication and leadership skills; ability to partner with diverse stakeholders

Responsibilities

• Identify and respond to security incidents on a global scale
• Act as incident commander driving incidents through the entire response lifecycle
• Design and maintain security alerts, automated actions, playbooks, and escalation workflows for 24/7 incident response
• Conduct threat hunting and maintain forward-thinking strategies against sophisticated threat actors
• Partner with stakeholders to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities