We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions. At the high end, we seek deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. More junior roles are available for exceptional individuals with a strong interest in cyber attack and defense, alongside outstanding academic and career performances, even if experience is limited.
Our goal is to build an entirely new level of assurance and observable rigor into the open source supply chain. We monitor our own estate and aim to enhance the robustness of the entire global Ubuntu estate through the work of this team.
The Security Operations (SecOps) team is responsible for the design, implementation, and evolution of Canonical's security practices, techniques, tools, systems, and policies. They own the strategy and practices that determine how Canonical secures its data, internal infrastructure, and build processes. The team ensures the security and integrity of our own infrastructure and product deployments, designing and implementing technical controls to automatically identify, contain, and remediate security threats.
The SecOps team's mission is to not only secure Canonical but also to contribute to the wider open source ecosystem. They may share knowledge through public presentations, industry events, and threat intelligence contributions.
Key Responsibilities:
- Implement and evolve Canonical's SecOps security standards and playbooks.
- Analyze and improve Canonical's security architecture.
- Evaluate, select, and implement new security tools and practices.
- Identify, contain, and guide the remediation of security threats and cyber attacks.
- Grow the presence and thought leadership of Canonical SecOps practice.
- Contribute to open source threat intelligence initiatives.
- Drive threat modeling, table-top exercises, and other SecOps practices across Engineering, IS, and Canonical.
- Develop Canonical SecOps learning materials.
- Publish blog posts, whitepapers, and conference presentations.
- Identify, implement, and track SecOps KPIs.
- Plan and deliver SecOps work within Canonical's agile engineering practice.
- Collaborate with Security leadership to present information and influence change.
Requirements:
- Exceptional academic track record with an undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path.
- Proven drive and a track record of exceeding expectations.
- Deep personal motivation to remain at the forefront of technology security.
- Expertise in threat modeling and risk management frameworks.
- Knowledge of security architecture and leading market security tools.
- Experience with security risk management frameworks such as NIST CSF and security standards such as ISO 27001.
Optional Skills:
- Experience in a security operations team or a security operations center (SOC).
- Experience in offensive or defensive security teams with hands-on abilities.
- Familiarity with state-actor and other advanced persistent threats.
What We Offer:
- Competitive compensation shaped by geographical location and experience.
- Performance-driven annual bonus and recognition rewards.
- Additional benefits including a personal learning and development budget of USD 2,000 per year, annual compensation reviews, maternity and paternity leave, as well as an Employee Assistance Programme.
- Opportunities to travel to meet colleagues and for long-haul company events.
About Canonical:
Canonical is a pioneering tech firm at the forefront of the global move to open source. As the publisher of Ubuntu, one of the world's most significant open source projects, we are impacting the world daily. As a remote-first company since 2004, we invite talented individuals from a global pool to join us in making a difference in technology and innovation.
Language Requirements:
Fluency in English is preferred.
