About the Job: This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for the design, implementation, and evolution of Canonical security practices, tools, systems, and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, infrastructure, and build processes. The SecOps team assures the security and integrity of Canonical’s infrastructure and product deployments, designing and implementing technical security controls that automatically identify, contain, and remediate security threats. As a leader, you will collaborate with the Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. This is a management position where expertise in security practices is expected. The ideal candidate will have hands-on experience with various open source and proprietary security tools and practices. The mission includes not only securing Canonical but also contributing to the wider open source ecosystem through sharing knowledge and representing Canonical in governance bodies. Key Responsibilities: - Hire and mentor a team of security professionals. - Define Canonical's SecOps security standards and playbooks. - Own and drive the architecture and design of the Security Operations Centre (SOC). - Analyze and improve Canonical's security architecture. - Evaluate, select, and implement new security tools and practices. - Identify, contain, and guide the remediation of security threats and cyber threats. - Increase the presence and thought leadership of Canonical's SecOps practice. - Contribute to open source threat intelligence initiatives. - Drive threat modeling and other SecOps practices across the company. - Develop SecOps learning and development materials, and publish knowledge-sharing content. Requirements: - Proven track record of mitigating advanced threats, including nation-state actors. - Expert understanding of SOC architecture and design. - In-depth knowledge of security tools and practices, particularly Linux security. - Ability to design, implement, automate, and measure incident response playbooks. - Experience with security risk management frameworks such as NIST CSF. - Excellent business English writing and presentation skills. Optional: - Experience in offensive or defensive security teams. - Familiarity with ISO 27001 standards. - Background in security posture management for corporate endpoints. Language Requirements: - Excellent command of business English is required.
