Add-ons Code Security Analyst

The Company

Our unique corporate structure guarantees that every decision we make upholds our mission: to make sure the internet stays available, safe, and welcoming to everyone. Beholden to neither shareholders nor investors, Mozilla Corporation is wholly owned by the not-for-profit Mozilla Foundation.

Along with 20,000 volunteer contributors and collaborators all over the world, Mozilla Corporation’s staff designs, builds, and distributes software that allows people to enjoy the internet on their own terms. Our flagship product — the Firefox browser — has expanded into a family of products that protects users and alerts them of risks.

The Role

Add-ons (or “browser extensions”) are software programs, most often developed by a third party, that allow you to add features to Firefox to customize your browsing experience. With billions of downloads and millions of users every day, add-ons are a significant part of the Firefox experience.

Mozilla is looking for a Code Security Analyst to join the Firefox Add-ons team,to keep users safe from malicious extensions and support developers with add-on development. 

You will be engaging in special projects to increase the effectiveness of our review pipeline, monitoring existing signals and create new rules to detect add-ons of interest, and take action against malicious activity on addons.mozilla.org.

As a code security analyst, you will:

• Review add-ons for security, functionality, user experience, and compliance with policies.
• Resolve complicated policy or operational issues raised by other reviewers.
• Assist add-on developers in resolving policy questions, conflicts, and other review issues.
• Identify areas of improvement in review tools and operations, and collaborate with the add-ons engineering team to optimize them.
• Work on add-ons ecosystem related projects, using development, documentation, and other technical skills.

Your Professional Profile

• 3 years of professional experience and proficiency in JavaScript, including more recent additions to the specification (ES6 ), and a proven grasp of the web platform (JS, HTML, CSS, DOM).
• Experience reviewing code from a client security perspective.
• Strong analytical skills and decision making, to support effectively identifying malicious add-ons and inferring behavior from complex, obfuscated or minified code.
• Ability to work with command line and build tools commonly used in JavaScript environments.
• Experience collaborating remotely and asynchronously with an international team.
• Excellent written and verbal communication skills in English.

Things that might set you apart from other applicants:

• Empathy for the experience of our community of users, developers, and volunteers, advocating for them based on community insights.
• A background in creating or reviewing browser extensions.
• Experience with one or more of Python, Django and React.
• Ability to create SQL queries to support metrics and analysis.

Does this sound like the right challenge for your next endeavor? We'd love to hear from you and make you a part of our team!.

About Mozilla 

Mozilla exists to build the Internet as a public resource accessible to all because we believe that open and free is better than closed and controlled. When you work at Mozilla, you give yourself a chance to make a difference in the lives of Web users everywhere. And you give us a chance to make a difference in your life every single day. Join us to work on the Web as the platform and help create more opportunity and innovation for everyone online.

Commitment to diversity, equity, inclusion, and belonging

Mozilla understands that valuing diverse creative practices and forms of knowledge are crucial to and enrich the company’s core mission.  We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, radicalized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities, and expressions.

We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at hiringaccommodation@mozilla.com to request accommodation.

We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws.  Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.

Group:

#LI-REMOTE