Security Software Engineer

Join to apply for the Security Software Engineer role at Canonical.

Most product engineering teams at Canonical include one or two spaces for dedicated security-oriented software engineers. Their role is to challenge the entire team to think more deeply about security. They contribute to the product as engineers too, but their primary focus is to improve security through state-of-the-art practices, from tabletop threat model exercises to architecture reviews, extended security testing with fuzzers and static analysis tools, to external security analyst liaison.

We build products motivated by security technology, such as AppArmor kernel investments and hardening, compliance, and certification toolkits for Ubuntu. As the publisher of Ubuntu, we handle long-term security response and hardening for the entire operating system and open source universe, working with upstreams across many programming languages, designing and adopting sophisticated tools for scale and confidence.

These roles cover all aspects of product security, including feature development, vulnerability response, proactive security, and open source community participation. All security roles collaborate closely with other engineering teams, customers, and partners in the open source community.

Location: Open roles available in every timezone.

• Define, implement, and document new security features
• Lead security-oriented thinking in a product engineering team
• Analyze, fix, and test vulnerabilities in Canonical and open source software
• Contribute to Ubuntu and upstream projects
• Audit and analyze source code for vulnerabilities
• Integrate new tools into security infrastructure, pipelines, and processes
• Achieve and retain security certifications
• Enhance Linux cryptographic components (e.g., OpenSSL/Libgcrypt) for compliance such as FIPS and CC
• Work with external partners on CIS benchmarks
• Design and develop hardening automation for Ubuntu
• Monitor security industry developments
• Develop, test, and maintain new software capabilities
• Provide guidance and support to other engineering teams

• Exceptional academic record from high school and university or a compelling alternative path
• Degree in Computer Science or STEM, or equivalent experience
• Drive and a track record of exceeding expectations
• Understanding of common security vulnerabilities
• Modern techniques to find and fix vulnerabilities
• Familiarity with open source development tools and methodologies
• Skills in one or more of C, Python, Go, Rust, Java, Ruby, PHP
• Experience as a security champion and in SDLC security integration
• Professional English communication skills
• Experience with Linux (Debian or Ubuntu preferred)
• Interpersonal skills, curiosity, flexibility, accountability
• Passion, thoughtfulness, self-motivation
• Communication and presentation skills
• Result-oriented with personal drive
• Ability to travel twice a year for up to two weeks

• Effective communication with team and community
• Experience with Linux Kernel
• Security certifications, FIPS, CC knowledge
• Experience with OVAL
• Knowledge of Linux cryptography APIs
• High learning ability
• Performance engineering experience

• Distributed work environment with biannual in-person sprints
• USD 2,000 annual learning and development budget
• Annual compensation review and recognition rewards
• Holiday leave, maternity and paternity leave
• Employee Assistance Programme
• Travel opportunities and company event upgrades

Canonical pioneers open source, publishing Ubuntu, a key platform for AI, IoT, and cloud. We hire globally, uphold high standards, and have been remote-first since 2004. Working here challenges you to think differently, learn new skills, and elevate your career.

We are an equal opportunity employer, committed to diversity and inclusion, and consider all applications fairly.