Trust & Safety Program Lead

Location(s): US, Canada, UK

MZLA Technologies Corporation (MZLA) is a wholly owned, for-profit subsidiary of the Mozilla Foundation and home to Thunderbird, our flagship open-source email and productivity platform empowering more than 20 million people around the world. While part of the Mozilla portfolio of companies, MZLA operates independently in both identity and organizational structure from the Mozilla Foundation and Mozilla Corporation.

Everything we build at MZLA is open source, developed transparently and in collaboration with a global community of contributors. This open approach shapes not only our products but also how we work: collaboratively, inclusively, and with a shared commitment to building technology that puts users first. We believe privacy and productivity should coexist, and that people deserve powerful digital tools without surrendering control of their data.

MZLA is a small but growing team of 50+ people distributed across seven countries. As we evolve Thunderbird from a single application into a suite of privacy-respecting productivity tools, we’re introducing new products and services that remain independent of big tech ecosystems. Our unique revenue model combines community donations that keep Thunderbird freely available with subscriptions for new cloud-based services, allowing us to grow and innovate while remaining independent and true to our values.

To learn more, visit www.thunderbird.net

The Opportunity:

The Trust & Safety Program Lead is responsible for developing and maintaining MZLA’s frameworks for user safety, data protection, and regulatory compliance. As our product portfolio expands to include paid email and file sharing, this role ensures that all services operate securely, ethically, and in compliance with applicable laws and internal policies.

This is a new role and combines hands-on operational leadership in trust and safety with policy and compliance ownership for privacy and data protection. The Program Lead develops and implements the tools, processes, and policies that protect users from abuse, fraud, and misuse, while serving as MZLA’s internal subject matter expert on privacy and trust. Working cross-functionally with engineering, product, legal, and support teams, and in collaboration with external counsel and Mozilla’s privacy resources, this role translates policy into practice to safeguard user data, uphold transparency, and maintain confidence in MZLA’s products and services.

What You’ll Do:

• Develop and lead trust & safety frameworks that protect users and prevent abuse, fraud, and misuse.
• Build and maintain privacy and data protection programs, ensuring compliance with GDPR, CCPA, and other global regulations.
• Serve as MZLA’s internal expert on privacy and safety, translating legal and policy requirements into practical, scalable operations.
• Investigate and coordinate responses to trust, safety, and privacy incidents in collaboration with product, engineering, and legal teams.
• Partner cross-functionally to embed privacy-by-design and safety considerations into new features and systems.
• Maintain documentation, risk assessments, and compliance reviews while advancing transparency in user communications.
• Monitor evolving privacy and safety regulations and advise leadership on emerging risks and requirements.

What You’ll Bring:

• 7+ years of experience in Trust & Safety, Privacy, or Compliance within SaaS, communications, or digital products.
• Strong understanding of regulatory requirements (e.g., GDPR, CCPA) and tech industry best practices related to privacy (globally).
• Proven ability to develop and enforce internal policies and operational processes.
• Experience managing privacy or security incidents, including documentation and cross-functional coordination.
• Familiarity with abuse detection, spam prevention, and user safety systems.
• Excellent communication skills, with the ability to present to both technical and non-technical audiences.
• Strong project and stakeholder management skills.
• Sound judgment and discretion in handling sensitive or confidential information.

Bonus Points For:

• Experience in open-source or community-driven environments.
• Knowledge of data security standards (ISO 27001, SOC 2) and vendor compliance.
• Familiarity with privacy impact assessments (DPIAs) and risk modeling.
• Ability to build and scale privacy and safety programs in a distributed, global organization.

Work Environment:

This is a remote full-time position. Strong communication and documentation skills are essential for effective collaboration across time zones and disciplines.

You’ll collaborate with staff and community members worldwide to create exceptional user experiences and advance MZLA’s mission.

What you’ll get:

We benchmark our base salaries to local markets and target the 60th percentile of the peer market. The salary ranges for this role are:

• US: $130,000 - $155,000
• Canada: $115,000 - $130,000 CAD
• UK: £70,000 - £84,000 GBP

We may consider candidates with strong skills but less than the required experience. Title, level and compensation will be determined based on qualifications and experience.

In addition to competitive salaries, we offer a comprehensive benefits package designed to support your whole self.

Work & Career

• Fully remote work & schedule flexibility
• Latest Laptop 
• Remote Work Stipend
• Professional Development Stipend
• Access to Udemy Learning Platform
• Industry Conferences
• Company All Hands

Rest & Play

• 24 days PTO per year (prorated) 
• Your Birthday
• Year-end Company Shutdown
• Wellbeing Days
• Public Holidays
• Other Paid Leave
• Wellbeing Stipend for Personal / Family Activities

Health & Family

• 401(k) / RRSP Pension Contributions
• Health, Dental, & Vision Insurance
• Disability Insurance
• Life Insurance
• Employee Assistance Program 
• Paid Parental Leave
• Paid Sick Days 

Work Eligibility:

Applicants must reside in and have permanent work authorization for the country location(s) specified in the posting. We are unable to consider applicants outside of these markets at this time. And, we do not provide visa sponsorship.

How to Apply:

Please apply directly through our career page. We carefully review every cover letter and screening question, so take the time to answer each fully. We also value authenticity. We want to hear your perspective, not a bot’s. It's fine to use AI to polish your writing, but not to write your answers. Candidates who submit unoriginal AI generated answers will be disqualified from further screening. 

MZLA Technologies Corporation (MZLA) Commitment to diversity, equity and inclusion

MZLA believes in the value of diverse creative practices and forms of knowledge, and knows diversity, equity and inclusion are crucial to and enrich the company’s core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but not limited to) women, racialized and Indigenous persons, persons with disabilities, persons of all sexual orientations, gender identities and expressions.

We are an equal opportunity employer. We do not discriminate on the basis of race (including hairstyle and texture), religion (including religious grooming and dress practices), gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose. 

We will ensure that qualified individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment, as appropriate. Please contact us at hiringaccomodations@thunderbird.net to request accommodation.

#LI-DNI