About the Job:
This is a unique opportunity to leverage your software engineering and cryptography skills in building and maintaining the security foundation for Ubuntu, ensuring compliance with international information security standards such as FIPS 140-3 and Common Criteria. You will enhance the Ubuntu distribution through applied cryptography and Linux Security, collaborating with organizations like DISA and CIS to draft and implement security hardening benchmarks.
As a member of the Security Hardening team, your responsibilities will include developing automation tools to audit deployed systems for compliance, identifying gaps in frameworks, and creating solutions to address these challenges. This role allows you to influence the security culture within the team, facilitate technical delivery, and drive project direction in collaboration with Canonical's kernel team and the wider engineering organization.
Day-to-Day Responsibilities:
- Collaborate with Security Hardening team members to achieve security certifications.
- Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, etc.) required for certifications.
- Work with external security consultants to test and validate kernel and crypto module components.
- Develop security hardening benchmarks and automation for Ubuntu audit and remediation.
- Contribute to community-driven Ubuntu projects.
What We Are Looking For:
- Hands-on experience with low-level Linux cryptography APIs and debugging.
- Strong software engineering fundamentals, particularly in C development.
- Proficiency in Linux system administration and shell scripting.
- Knowledge of security and cryptography fundamentals, with experience writing secure code.
- Experience with open-source libraries and excellent verbal and written communication skills for remote collaboration.
Additional Skills That You Might Bring:
- Prior experience with FIPS/Common Criteria certified products.
- Familiarity with DISA-STIG or CIS benchmarks and related audit tooling.
- Experience with Linux Kernel.
- Proficiency in Python, OVAL (Open Vulnerability Assessment Language), and Ansible.
- Contributions to open-source projects.
What We Offer:
- Competitive compensation reviewed annually.
- Performance-driven annual bonus.
- Personal learning and development budget of USD 2,000 per year.
- Recognition rewards.
- Annual holiday leave, maternity and paternity leave.
- Employee Assistance Programme.
- Opportunities to travel for team events.
Language Requirements:
English proficiency is expected for effective communication in a remote-first environment.
Canonical is a pioneering tech firm leading the global move to open source and is an equal opportunity employer. We foster a workplace free from discrimination and value diverse experiences and perspectives.
