This role offers a unique opportunity to leverage your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely while remaining compliant with international information security standards such as FIPS 140-3 and Common Criteria. You will apply your expertise in cryptography, Linux Security, and coding to enhance the Ubuntu distribution, collaborating with organizations like DISA and CIS to draft and implement security hardening benchmarks.
As a member of the Security Hardening team, you will develop automation tools to audit systems for compliance with DISA-STIG and CIS benchmarks. This position offers the chance to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll work closely with Canonical's kernel team and the wider engineering organization to drive features affecting all Ubuntu users.
Day-to-day Responsibilities:
- Collaborate with the Security Hardening team to maintain various security certifications.
- Enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, etc.) for FIPS and CC certification.
- Collaborate with external security consultants to test and validate kernel and crypto module components.
- Work with partners to develop security hardening benchmarks and automation for auditing and remediation.
- Contribute to Ubuntu mainline and upstream projects to benefit the community.
- Communicate and collaborate to identify opportunities for security improvements and deliver high-quality solutions.
What We Are Looking For:
- Hands-on experience with low-level Linux cryptography APIs and debugging.
- Strong software engineering fundamentals with experience in C development.
- Experience in Linux system administration and shell scripting.
- Knowledge of security and cryptography fundamentals, with experience in writing secure code.
- Significant development experience with open-source libraries.
- Excellent verbal and written communication skills for collaboration in a remote environment.
Additional Skills That You Might Bring:
- Experience with FIPS/Common Criteria certified products and related standards.
- Familiarity with DISA-STIG or CIS benchmarks, including compliance auditing tools (e.g. Compliance as Code).
- Experience with the Linux Kernel.
- Knowledge of Python, OVAL, and Ansible.
- A history of contributions to open source projects.
Language Requirements:
Strong verbal and written communication skills in English.
What We Offer You:
- Competitive compensation based on geographical location, experience, and performance.
- Performance-driven annual bonus.
- Personal learning and development budget of USD 2,000 per year.
- Annual compensation review and recognition rewards.
- Annual holiday leave and maternity/paternity leave.
- Employee Assistance Programme.
- Opportunities for travel to meet colleagues.
About Canonical:
Canonical is a leading tech firm at the forefront of open source, publishing Ubuntu and promoting its applications across AI, IoT, and cloud computing. As a remote-first company since 2004, we prioritize skills over geography, aiming for excellence in all aspects of our operations. We are an equal opportunity employer and welcome diversity in our workforce.
