Security Software Engineer

The company is a leading provider of open source software and operating systems for the global enterprise and technology markets. Our platform, Ubuntu, is widely utilized in various enterprise initiatives, including public cloud, data science, AI, engineering innovation, and IoT. We are a pioneer of global distributed collaboration, with over 1200 colleagues in more than 75 countries, and very few office-based roles. Teams meet in interesting locations around the world two to four times a year to align on strategy and execution.

The company seeks exceptional security-focused software engineers to integrate into our product teams. Although they will contribute as engineers, their main focus will be to promote security awareness within the teams through practices such as threat modeling, architecture reviews, and vulnerability analysis. Engineers in this role will engage in all aspects of product security, including feature development, vulnerability response, proactive security measures, and collaborating with the open source community. Responsibilities include defining and documenting new security features, analyzing source code for vulnerabilities, contributing to open source projects, and integrating security tools within our infrastructure.

Work Conditions:

• This is a globally remote role.
• Requires mandatory international travel at least twice a year, typically for one week.

Key Responsibilities:

• Define, implement, and document new security features.
• Lead security initiatives within product engineering teams.
• Analyze, fix, and test vulnerabilities in open source software.
• Audit and analyze source code for vulnerabilities.
• Contribute to Ubuntu and upstream open source projects.
• Work with external partners on Center for Internet Security (CIS) benchmarks.
• Develop hardening automation for Ubuntu.

Requirements:

• Exceptional academic track record in Computer Science or STEM.
• Experience with one or more programming languages: C, C++, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/Typescript.
• Familiarity with open source development tools and methodologies.
• Proficient in professional written and spoken English.
• Experience with Linux (Debian or Ubuntu preferred).
• Strong interpersonal skills, curiosity, and self-motivation.

Optional Skills:

• Communication skills with team and community members.
• Experience with the Linux kernel or security certifications.
• Knowledge of cryptographic modules (OpenSSL, Libgcrypt) and Linux cryptography APIs.

Compensation and Benefits:

• Competitive salary based on location, experience, and performance.
• Annual compensation review and performance-driven bonuses.
• Personal learning and development budget of USD 2,000 per year.
• Recognition rewards and annual holiday leave.
• Maternity and paternity leave.
• Employee Assistance Programme.
• Opportunities for travel to meet colleagues globally.

About the company: The company is at the forefront of the global move to open source, publishing Ubuntu, one of the most significant open source projects. We recruit globally and maintain a high standard for our employees, fostering a diverse workplace free from discrimination.