Engineering Manager - Security Standards and Hardening

As the most widely used Linux distribution, Ubuntu underpins the security of the entire internet. The role of Security Engineering Manager directly impacts the safety and security of millions of users worldwide. Join a team of security experts dedicated to protecting the open-source ecosystem and driving innovation. Your leadership will be instrumental in addressing emerging threats, developing robust security measures, and ensuring the continued integrity of Ubuntu. This is an opportunity to make a tangible difference and leave a lasting legacy on the digital landscape.

As we place ever more trust in software and data security in our increasingly connected world, Canonical's mission to deliver the world's best open source platform comes with a responsibility: to set the highest possible standard for software security, not only for the OS, but also for the wide range of open source infrastructure and software that developers enjoy within the Ubuntu ecosystem. With Canonical's Ubuntu being the leading open source platform for large-scale cloud and edge deployments, we are increasingly called upon to help customers meet strict security requirements such as FIPS, CIS, STIG, FedRAMP and the new CRA.

This role is about leading the charge to set the security standards for open source software across the Ubuntu platform, from desktops, servers and edge devices to cloud infrastructure, Kubernetes and OpenStack, by certifying core components to meet industry standards and guiding development teams across the company in security best practices. We work primarily within the areas of cryptographic modules (FIPS 140) and system hardening, where we collaborate with industry partners including CIS and DISA to define and build secure operating system deployments.

An Engineering Manager is responsible for line management and career guidance. The ability to develop engineering talent, to represent your team and product from a technical perspective, and to drive collaboration with other teams and customers are all critical to success in this role.

1. Lead and develop a team of engineers, ranging from graduate to senior
2. Coach, mentor, and offer career development feedback
3. Identify and measure team health indicators
4. Implement disciplined engineering processes
5. Represent your team and product to stakeholders, partners, and customers
6. Develop and evangelize great engineering and organizational practices
7. Plan and manage progress on agreed goals and projects
8. Support our products and customers to meet strict product security requirements such as FIPS, CIS, STIG, FedRAMP and the new CRA
9. Support the work addressing specific cryptography modules (FIPS 140) and system hardening efforts with industry partners, including CIS and DISA

1. An exceptional academic track record from both high school and university
2. Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
3. Drive, and a track record of going above-and-beyond expectations
4. Excellent verbal and written communication skills in English
5. A love of developing and growing people and a track record of it
6. Organized and able to ensure your team delivers timely, high quality results
7. Professional manner interacting with colleagues, partners, and community
8. Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
9. Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g., Compliance as Code)
10. Knowledgeable and passionate about software and application security
11. Solid experience working in an agile development environment
12. A demonstrated drive for continual learning
13. Builds trust, relationships, and confidence
14. Result-oriented, with a personal drive to meet commitments
15. Ability to travel twice a year, for company events up to two weeks each

• Hands-on domain knowledge of Linux cryptography libraries (OpenSSL, GnuTLS)

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT, and the cloud, we are changing the world daily. We recruit globally and set high standards for new hires. We expect excellence—success depends on being the best at what we do. Canonical has been a remote-first company since 2004. Working here is a step into the future, challenging you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer. We foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. We consider all applications fairly regardless of your identity.