Job Overview

Canonical is seeking a highly skilled and motivated Security Software Engineer to join our team. This role will be responsible for defining, implementing, and documenting new security features, leading security-oriented thinking in a product engineering team, analyzing, fixing, and testing vulnerabilities in Canonical and open source software, contributing to Ubuntu and upstream projects to benefit the community, auditing and analyzing source code for vulnerabilities, integrating new tools in our security infrastructure, pipelines, and processes, achieving and retaining various security certifications, extending and enhancing Linux cryptographic components - specifically with modules such as OpenSSL/Libgcrypt - with the features and functionality required for country-specific compliance such as FIPS and CC certification, working with external partners to develop CIS benchmarks, designing and developing hardening automation for Ubuntu, monitoring the security industry for new developments, developing, testing, and maintaining new software capabilities, providing guidance and support to other engineering teams.

Key Responsibilities

- Define, implement, and document new security features.
- Lead security-oriented thinking in a product engineering team.
- Analyze, fix, and test vulnerabilities in Canonical and open source software.
- Contribute to Ubuntu and upstream projects to benefit the community.
- Audit and analyze source code for vulnerabilities.
- Integrate new tools in our security infrastructure, pipelines, and processes.
- Achieve and retain various security certifications.
- Extend and enhance Linux cryptographic components.
- Work with external partners to develop CIS benchmarks.
- Design and develop hardening automation for Ubuntu.
- Monitor the security industry for new developments.
- Develop, test, and maintain new software capabilities.
- Provide guidance and support to other engineering teams.

Requirements

- Exceptional academic track record from both high school and university.
- Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path.
- Drive and a track record of going above-and-beyond expectations.
- Thorough understanding of common categories of security vulnerabilities, and of modern engineering techniques to find and fix them.
- Familiarity with open source development tools and methodologies.
- Skill in one or more of C, Python, Go, Rust, Java, Ruby, or PHP.
- Experience as a security champion.
- Experience driving security within a wider SDLC process.
- Professional written and spoken English.
- Experience with Linux (Debian or Ubuntu preferred).
- Excellent interpersonal skills, curiosity, flexibility, and accountability.
- Passion, thoughtfulness, and self-motivation.
- Excellent communication and presentation skills.
- Result-oriented, with a personal drive to meet commitments.
- Ability to travel twice a year, for company events up to two weeks each.

Optional Skills We Also Value

- Clear and effective communication with the team and Ubuntu community members.
- Experience working with Linux Kernel.
- Security Certification experience and knowledge in FIPS and/or CC.
- Experience with OVAL (Open Vulnerability Assessment Language).
- Knowledge of and familiarity with low-level Linux cryptography APIs.
- Demonstrated high learning ability.
- Performance engineering experience.

What We Offer

- Distributed work environment with twice-yearly team sprints in person.
- Personal learning and development budget of USD 2000 per year.
- Annual compensation review.
- Recognition rewards.
- Annual holiday leave.
- Maternity and paternity leave.
- Employee Assistance Programme.
- Opportunity to travel to new locations to meet colleagues.
- Priority Pass, and travel upgrades for long haul company events.