Linux Cryptography and Security Engineer

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant with international information security standards such as FIPS 140-3 and Common Criteria. You will leverage your applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and collaborate with organizations like DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

As a member of the Security Hardening team, you will develop automation tools to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will engage with internal and external stakeholders to identify gaps and develop solutions. This role offers the chance to influence team and security culture, facilitate technical delivery, and drive team direction. You will work closely with Canonical's kernel team and the wider engineering organization to develop features impacting all Ubuntu users.

1. Collaborate with other engineers to achieve and maintain various security certifications.
2. Enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, etc.) for FIPS and CC certification.
3. Work with external security consultants to test and validate kernel and crypto modules.
4. Develop security hardening benchmarks and automation tools for audit and remediation.
5. Contribute to Ubuntu mainline and upstream projects.
6. Communicate and collaborate to improve security posture and deliver high-quality solutions.

• Hands-on experience with Linux cryptography APIs and debugging.
• Strong software engineering fundamentals, including experience with C.
• Experience with Linux system administration and shell scripting.
• Knowledge of security and cryptography fundamentals and secure coding practices.
• Development experience with open source libraries.
• Excellent communication skills for collaboration in a remote environment.

• Experience with FIPS/Common Criteria certified products and standards.
• Experience with DISA-STIG or CIS benchmarks and audit tooling.
• Experience with Linux Kernel.
• Knowledge of Python, OVAL, and Ansible.
• Contributions to open source projects.

We consider location, experience, and performance in compensation. We offer a performance-driven bonus, benefits reflecting our values, and a balance of programs to meet local needs globally.

• Remote work with biannual in-person team sprints.
• USD 2,000 annual learning budget.
• Annual pay review and recognition rewards.
• Holiday, maternity, and paternity leave.
• Employee Assistance Programme.
• Travel opportunities and upgrades for company events.

Canonical is a leader in open source, publishing Ubuntu, a key platform for AI, IoT, and cloud. We set high standards and expect excellence from our team. Since 2004, we have been a remote-first company, offering a forward-looking work environment that encourages learning and growth.

Canonical is an equal opportunity employer, committed to diversity and fair consideration of all applications.