Security Software Engineer

Join to apply for the Security Software Engineer role at Canonical.

This is a general track for security-focused engineering across all teams and levels at Canonical. Apply if you are an exceptional security-focused software engineer.

Most product engineering teams include dedicated security engineers to enhance security through practices like threat modeling, architecture reviews, security testing, and liaising with external analysts. We develop security-driven products such as AppArmor and tools for Ubuntu's security, compliance, and certification.

As the publisher of Ubuntu, we handle long-term security responses and hardening, working with upstream projects and requiring fluency in major programming languages. Our security roles involve feature development, vulnerability response, proactive security, and community participation, collaborating closely with other teams, customers, and open source communities.

Location: Open to all time zones.

• Define, implement, and document new security features.
• Lead security-focused thinking within product teams.
• Analyze, fix, and test vulnerabilities.
• Contribute to Ubuntu and upstream projects.
• Audit source code for vulnerabilities.
• Integrate security tools into infrastructure and pipelines.
• Achieve and maintain security certifications.
• Enhance Linux cryptographic components for compliance.
• Collaborate with partners on CIS benchmarks.
• Design hardening automation for Ubuntu.
• Monitor security industry developments.
• Develop, test, and maintain security software.
• Support other engineering teams.

• Strong academic background in high school and university or equivalent experience.
• Degree in Computer Science/STEM or an alternative path with a compelling story.
• Drive and a history of exceeding expectations.
• Understanding of security vulnerabilities and modern fixing techniques.
• Familiarity with open source tools and development methodologies.
• Proficiency in C, Python, Go, Rust, Java, Ruby, or PHP.
• Experience as a security champion and in SDLC security integration.
• Excellent English communication skills.
• Linux experience, preferably Debian or Ubuntu.
• Interpersonal skills, curiosity, flexibility, accountability.
• Passion, thoughtfulness, self-motivation.
• Willingness to travel twice a year for up to two weeks.

• Effective communication with teams and community.
• Linux Kernel experience.
• Security certifications, FIPS, CC knowledge.
• Experience with OVAL and low-level cryptography APIs.
• High learning ability and performance engineering experience.

• Distributed work with biannual in-person sprints.
• USD 2,000 annual learning budget.
• Performance reviews and bonuses.
• Comprehensive benefits, including leave and parental leave.
• Employee Assistance Programme.
• Travel opportunities and event upgrades.

About Canonical

Canonical pioneers open source, publishing Ubuntu, a key platform for AI, IoT, and cloud. We hire globally, uphold high standards, and have been remote-first since 2004. Working here means innovation, continuous learning, and growth.

Canonical is an equal opportunity employer, committed to diversity and fairness.

• Mid-Senior level

• Full-time

• Engineering and IT

• Software Development