Canonical is seeking several senior and staff Security Operations Engineers to join a newly formed team reporting to the Chief Information Security Officer (CISO). This team will focus on defending critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We are interested in candidates ranging from experienced professionals with deep backgrounds in security operations to exceptional individuals with a strong personal interest and engagement in cyber attack and defense, even if their professional experience is limited. The goal of this team is to enhance the assurance and observable rigor in the open-source supply chain, improving the overall security of the global Ubuntu estate.
The Security Operations (SecOps) team is responsible for the design, implementation, and evolution of Canonical's security practices, tools, systems, and policies. They ensure the security and integrity of both internal infrastructure and product deployments, automatically identifying and mitigating security threats.
Responsibilities:
- Implement and evolve Canonical's Security Operation Center.
- Analyze and improve Canonical's security architecture.
- Evaluate, select, and implement new security tools and practices.
- Identify and remediate security threats and cyber attacks.
- Grow the presence and thought leadership of Canonical's SecOps practice.
- Contribute to open source threat intelligence initiatives.
- Drive threat modeling and other SecOps practices.
- Develop SecOps learning and development materials.
- Publish blog posts, whitepapers, and conference presentations.
- Identify and track SecOps KPIs.
- Plan and deliver SecOps work within Canonical's agile engineering framework.
Qualifications:
- Exceptional academic track record with a degree in Computer Science or related STEM field, or a compelling alternative path.
- Previous experience working or leading in a Security Operation Center.
- Deep motivation to be at the forefront of technology security.
- Expertise in threat modeling and risk management frameworks.
- Knowledge of security architecture and leading market security tools.
- Experience with threat intelligence feeds.
- Familiarity with security risk management frameworks such as NIST CSF and ISO27001.
Nice to Have:
- Experience in a security operations team or Security Operations Center (SOC).
- Background in offensive or defensive security with hands-on experience.
- Familiarity with advanced persistent threats.
Work Conditions:
- Full-time, remote position.
- Twice-yearly team sprints in person.
- Competitive compensation based on geographical location, experience, and performance.
- Performance-driven annual bonus.
- Additional benefits, including a personal learning and development budget, annual compensation reviews, and various leave policies.
Languages: Proficiency in English is typically expected, though specific language requirements were not mentioned.
About Canonical:
Canonical is a pioneering tech firm leading the global transition to open source, known for publishing Ubuntu. As a remote-first company since 2004, we promote a diverse and inclusive workplace that values different perspectives. We strive for excellence and embrace innovation.
