This position is part of a general track for security-focused engineering across all teams at Canonical, suitable for exceptional security-focused software engineers. Each product engineering team typically includes one or two dedicated security-oriented software engineers responsible for enhancing the team's approach to security. They contribute to the product as engineers but primarily focus on improving security through modern practices, including threat modeling, architecture reviews, and security testing.
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
Key products motivated by security technology and requirements include AppArmor kernel investments and various hardening, compliance, and certification toolkits for Ubuntu. Canonical, as the publisher of Ubuntu, also manages long-term security response for the entire operating system and open source community.
The role covers all aspects of product security such as feature development, vulnerability response, proactive security, and community participation, requiring collaboration with multiple engineering teams, customers, and open source partners.
Responsibilities
- Define, implement, and document new security features.
- Lead security-oriented initiatives within product engineering teams.
- Analyze, fix, and test vulnerabilities in Canonical and open source software.
- Contribute to Ubuntu and upstream projects.
- Audit and analyze source code for vulnerabilities.
- Integrate new tools into security infrastructure and processes.
- Achieve and maintain various security certifications.
- Enhance Linux cryptographic components to meet compliance requirements.
- Work with external partners to develop CIS benchmarks.
- Design and develop hardening automation for Ubuntu.
- Monitor industry developments and provide guidance to other engineering teams.
Requirements
- Strong academic background in Computer Science or STEM, or compelling alternative experience.
- Drive and proven track record of exceeding expectations.
- Understanding of common security vulnerabilities and modern engineering techniques to address them.
- Familiarity with open source development tools.
- Proficiency in one or more of C, Python, Go, Rust, Java, Ruby, or PHP.
- Experience as a security champion and driving security within the software development lifecycle.
- Professional written and spoken English.
- Experience with Linux (Debian or Ubuntu preferred) and excellent interpersonal skills.
Optional Skills
- Experience with Linux Kernel Security and knowledge of certification processes.
- Familiarity with OVAL and low-level Linux cryptography APIs.
- Performance engineering experience.
Travel Requirement
Ability to travel twice a year for company events, each lasting up to two weeks.
What We Offer
- Competitive compensation with annual reviews and performance-driven bonuses.
- Personal learning and development budget of USD 2,000 per year.
- Comprehensive benefits reflecting company values and fairness globally.
- Distributed work environment with in-person team sprints.
- Annual holiday leave, maternity and paternity leave, and employee assistance programs.
- Opportunities to travel for meetings and events.
About Canonical
Canonical is a leading tech firm driving the global shift to open source, publishing Ubuntu, a major open source platform. Committed to a remote-first working model since 2004, Canonical values excellence and diversity in its workforce, creating a better environment for all.
