Linux Cryptography and Security Engineer

This is a unique opportunity to leverage your software engineering and cryptography skills to build and maintain the security foundation for Ubuntu, ensuring compliance with international standards such as FIPS 140-3 and Common Criteria. You will apply your expertise in cryptography, Linux Security, and coding to enhance the Ubuntu distribution and collaborate with organizations like DISA and CIS to develop security hardening benchmarks.

As a member of the Security Hardening team, you will develop automation tools to audit systems for DISA-STIG and CIS compliance, work with stakeholders to identify gaps, and create solutions to address security challenges. You will influence team and security culture, facilitate technical delivery, and collaborate with Canonical's kernel and engineering teams to implement impactful features for all Ubuntu users.

1. Collaborate with engineers to achieve and maintain security certifications.
2. Enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, etc.) for FIPS and CC certification.
3. Partner with external security consultants to test and validate kernel and crypto modules.
4. Work with external partners to develop security benchmarks and automate audits and remediations for Ubuntu.
5. Contribute to Ubuntu mainline and upstream projects to benefit the community.
6. Communicate and collaborate internally and externally to improve security posture and deliver solutions efficiently.

• Experience with low-level Linux cryptography APIs and debugging.
• Strong software engineering fundamentals, including C development skills.
• Experience with Linux system administration and shell scripting.
• Knowledge of security and cryptography fundamentals, with experience in secure coding and best practices.
• Development experience with open source libraries.
• Excellent communication skills for remote collaboration.

• Experience with FIPS/Common Criteria certified products and standards.
• Experience with DISA-STIG or CIS benchmarks, audit, and remediation tooling.
• Experience with Linux Kernel development.
• Knowledge of Python, OVAL, and Ansible.
• Contributions to open source projects.

We offer competitive compensation considering location, experience, and performance, with annual reviews and bonuses. Our benefits reflect our values and include:

• Remote work with biannual in-person team sprints.
• USD 2,000 annual learning and development budget.
• Annual compensation review and recognition rewards.
• Paid holiday, maternity, and paternity leave.
• Employee Assistance Programme.
• Opportunities for travel and team meetups.

Canonical is a leader in open source, publishing Ubuntu, a key platform for AI, IoT, and cloud technologies. We are a global, remote-first company committed to excellence and innovation. Since 2004, we have fostered a work environment that challenges and develops our team members.

Canonical is an equal opportunity employer, valuing diversity and inclusion in our workplace.