Security Software Engineer

Join to apply for the Security Software Engineer role at Canonical.

This role is for security-focused engineering across all teams at Canonical, suitable for all levels of seniority. Apply if you are an exceptional security-oriented software engineer.

Product engineering teams typically include security engineers who focus on enhancing security through best practices, architecture reviews, security testing, and liaising with external analysts. Canonical also develops security-centric products like AppArmor and tools for Ubuntu security hardening and compliance.

As the publisher of Ubuntu, Canonical manages security response and hardening for the OS and open source projects, requiring fluency in multiple programming languages and sophisticated security tools.

This role covers all aspects of product security, including feature development, vulnerability response, proactive security measures, and open source community engagement. Collaboration with various engineering teams, customers, and partners is essential.

Open roles are available in every timezone.

1. Define, implement, and document security features.
2. Lead security thinking within product teams.
3. Analyze, fix, and test vulnerabilities.
4. Contribute to Ubuntu and upstream projects.
5. Audit source code for vulnerabilities.
6. Integrate security tools and processes.
7. Achieve and maintain security certifications.
8. Enhance Linux cryptographic modules for compliance.
9. Collaborate with external partners on benchmarks.
10. Develop hardening automation for Ubuntu.
11. Stay updated with security industry developments.
12. Develop, test, and maintain software capabilities.
13. Support other engineering teams.

1. Strong academic background and/or compelling alternative experience.
2. Degree in Computer Science or STEM, or equivalent experience.
3. Drive and a history of exceeding expectations.
4. Deep understanding of security vulnerabilities.
5. Modern techniques for vulnerability mitigation.
6. Experience with open source tools and methodologies.
7. Skills in C, Python, Go, Rust, Java, Ruby, or PHP.
8. Experience as a security champion and in SDLC processes.
9. Proficiency in English.
10. Experience with Linux (Debian/Ubuntu preferred).
11. Excellent interpersonal, curiosity, flexibility, and accountability skills.
12. Passion, thoughtfulness, and self-motivation.
13. Strong communication and presentation skills.
14. Result-oriented with a personal drive to meet commitments.
15. Willingness to travel twice a year for up to two weeks.

1. Effective communication with teams and the Ubuntu community.
2. Experience with Linux Kernel.
3. Security certifications like FIPS or CC.
4. Knowledge of OVAL and low-level Linux cryptography APIs.
5. High learning ability and performance engineering experience.

Competitive worldwide compensation, annual reviews, performance bonuses, and benefits reflecting our values, including:

• Distributed work environment with biannual in-person sprints.
• USD 2,000 annual learning and development budget.
• Recognition rewards, holiday leave, parental leave, and Employee Assistance Programme.
• Opportunities to travel and meet colleagues.

Canonical pioneers in open source, publishing Ubuntu, a key platform for AI, IoT, and cloud. We recruit globally, uphold high standards, and have been remote-first since 2004. Working here challenges you to think differently and grow professionally.

Canonical is an equal opportunity employer committed to diversity and inclusion.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Engineering and IT
• Industry: Software Development