Linux Cryptography and Security Engineer

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant to international information security standards such as FIPS 140-3 and Common Criteria. You will use applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and work with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

• Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications.
• Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification.
• Collaborate with external security consultants to test and validate kernel and crypto module components.
• Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu.
• Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community.
• Communicate and collaborate within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule.

• Hands‑on experience with low‑level Linux cryptography APIs and debugging.
• Excellent software engineering fundamentals, including prior experience with C development.
• Hands‑on experience with Linux system administration and shell scripting.
• Demonstrated knowledge of security and cryptography fundamentals, and experience writing secure code and implementing best practices.
• Significant development experience working with open source libraries.
• Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote‑first environment.

• Prior experience working on FIPS/Common Criteria certified products and in‑depth knowledge of the underlying standards.
• Prior experience working directly with DISA‑STIG or CIS benchmarks, including related audit + remediation tooling (e.g., Compliance as Code).
• Experience working directly with Linux Kernel.
• Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible.
• History of contributions to open source projects.

• Distributed work environment with twice‑yearly team sprints in person; remote work since 2004.
• Personal learning and development budget of USD 2,000 per year.
• Annual compensation review.
• Recognition rewards.
• Annual holiday leave.
• Maternity and paternity leave.
• Employee Assistance Programme.
• Opportunity to travel to new locations to meet colleagues from your team and others.
• Priority Pass for travel and travel upgrades for long‑haul company events.

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT, and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence; to succeed we need to be the best at what we do. Canonical has been a remote‑first company since its inception in 2004. Working at Canonical is a step into the future and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer. We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background creates a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Entry level

Full‑time

Information Technology

Software Development