Jobs at Canonical

• As an engineering manager at Canonical your primary responsibility is to the people you support: ensuring that they are growing as engineers, doing valuable work, and generally having a great time at Canonical. As a lead for strong engineers, technical leadership and a solid background in software security is a must, so that you're able to challenge and grow your team members. You will have the opportunity to influence the culture, facilitate technical delivery, and work with your team on strategy and execution.

We have multiple management focus areas open for the Ubuntu security management role:

• Security Maintenance (CVE and vulnerability addressing life cycle)
• Security Technology (AppArmor, Secureboot, and Cryptography)
• Certifications and Compliance (FIPS, CIS, FedRAMP)

Key responsibilities

• Build and lead a globally distributed team of engineers through hiring, coaching, mentoring, feedback and hands-on career development
• Guide the security posture for Ubuntu, and other Canonical products
• Support timely delivery of technical solutions to address business needs
• Manage competing priorities, communicating with internal and external stakeholders
• Advocate and advance modern, agile software development practices
• Grow a healthy, collaborative engineering culture in line with the company values
• Participate in strong engineering process through code and architectural review
• Guide the growth of the Canonical Security story
• Work from home with global travel up to 15% for internal and external events

Valued Skills And Experience

• You love developing and growing people and have a strong track record of doing it
• You are knowledgeable and passionate about software security, either Security Certifications or Application Security
• You have some experience in leading, managing, coaching and mentoring software developers
• You have solid experience working in an agile development environment
• You have strong written and verbal technical communication skills
• You have a Bachelor's or equivalent in Computer Science, STEM or similar degree

go to method of application »

• As a member of the Security Hardening team you will work with and develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will interact with internal and external stakeholders to identify gaps in our frameworks, and develop new solutions to address these challenges. In this role you will have the opportunity to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll collaborate closely with Canonical's kernel team as well as the wider engineering organization to drive features impacting all Ubuntu users.

Day-to-day responsibilities

• Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications
• Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification
• Collaborate with external security consultants to test and validate kernel and crypto module components
• Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu
• Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community
• Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule

What we are looking for in you

• Hands-on experience with low-level Linux cryptography APIs and debugging
• Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
• Hands-on experience with Linux system administration and shell scripting
• Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
• Significant development experience working with open source libraries
• Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment

Additional Skills That You Might Also Bring

• Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
• Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
• Experience working directly with Linux Kernel
• Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
• History of contributions to open source projects

go to method of application »

• As an engineering manager at Canonical your primary responsibility is to the people you support: ensuring that they are growing as engineers, doing valuable work, and generally having a great time at Canonical. As a lead for strong engineers, technical leadership and a solid background in software security is a must, so that you're able to challenge and grow your team members. You will have the opportunity to influence the culture, facilitate technical delivery, and work with your team on strategy and execution.

Location: This is a Globally remote role
Key responsibilities

• Build and lead a globally distributed team of engineers through hiring, coaching, mentoring, feedback and hands-on career development
• Support timely delivery of technical solutions to address business needs
• Provide technical thought leadership for your team and others around Canonical
• Advocate and advance modern, agile software development practices
• Grow a healthy, collaborative engineering culture in line with the company values

What we are looking for

• Exceptional software engineering skills - design, document, plan, execute
• Demonstrated experience in managing or leading software engineering teams
• Demonstrated understanding in one or more of the following areas:
  • Secureboot or other UEFI capabilities
  • Code integrity primitives such as dm-verity
  • AppArmor, SELinux or other MAC modules
  • Confidential computing TEEs (Intel SGX, AMD SEV, arm TrustZone or similar)
• WIllingness to travel up to 4 times a year for internal events

go to method of application »

• The OpenSearch team is, among other things, focused on creating the best enterprise automation solution for search and analytics suites like OpenSearch and Elasticsearch.
• We have a number of openings we are looking to hire across a range of levels. We will help you identify a suitable position depending on your experience and interests. Engineers who thrive at Canonical are mindful of open-source community dynamics and equally aware of the needs of large, innovative organisations.

Location: This is a Globally remote role
What your day will look like
The OpenSearch team is responsible for the automation of OpenSearch operations. This includes ensuring fault-tolerant replication, TLS, installation, and much more; but also provides domain-specific expertise on the actual data system to other teams within Canonical. This role is focused on the creation and automation of features of data platforms, not analysing the data in them.

• Collaborate proactively with an internationally distributed team
• Write high-quality, idiomatic Python code to create new features
• Debug issues and interact with upstream communities publicly
• Work with helpful and talented engineers including experts in a diverse set of fields
• Work from home with global travel for 2 to 4 weeks per year for internal and external events

What we are looking for in you

• Proven hands-on experience in software development using Python
• Proven hands-on experience in distributed systems development
• Bachelor's or equivalent in Computer Science, STEM, or a similar degree
• Willingness to travel up to 4 times a year for internal events

Additional Skills That You Might Also Bring
You might also bring a subset of experience from the following, which will determine the exact role and level we consider you for:

• Experience operating and managing search and analytics engines like Elasticsearch, Logstash, KIbana, and OpenSearch
• Experience with Linux systems administration, package management, and operations
• Experience with the public cloud or a private cloud solution like OpenStack
• Experience with operating Kubernetes clusters and a belief that it can be used for serious persistent data services

go to method of application »

What your day will look like
The data platform team is responsible for the automation of data platform operations. This includes ensuring fault-tolerant replication, TLS, installation, and much more; but also provides domain-specific expertise on the actual data system to other teams within Canonical. This role is focused on the creation and automation of features of data platforms, not analysing the data in them.

• Collaborate proactively with a distributed team
• Write high-quality, idiomatic Python code to create new features
• Debug issues and interact with upstream communities publicly
• Work with helpful and talented engineers including experts in many fields
• Discuss ideas and collaborate on finding good solutions
• Work from home with global travel for 2 to 4 weeks per year for internal and external event

What we are looking for in you

• Proven hands-on experience in software development using Python
• Proven hands-on experience in distributed systems
• Have a Bachelor's or equivalent in Computer Science, STEM, or a similar degree
• Willingness to travel up to 4 times a year for internal events

Additional Skills That You Might Also Bring
You might also bring a subset of experience from the following, which will determine the exact role and level we consider you for:

• Experience operating and managing data platform technologies like PostgreSQL, MySQL, MongoDB, OpenSearch, Kafka, Yugabyte, Trino, Superset, Atlas, Ranger, and Redis
• Experience with Linux systems administration, package management, and operations
• Experience with the public cloud or a private cloud solution like OpenStack
• Experience with operating Kubernetes clusters and a belief that it can be used for serious persistent data services

go to method of application »

What you'll do
Security roles might tackle any of the following:

• Define, implement and document new security features
• Lead security-oriented thinking in a product engineering team
• Analyze, fix, and test vulnerabilities in Canonical and open source Software
• Contribute to Ubuntu and upstream projects to benefit the community
• Audit and analyze source code for vulnerabilities
• Integrate new tools in our security infrastructure, pipelines and processes
• Achieve and retain various security certifications
• Extend and enhance Linux cryptographic components - specifically with modules such as OpenSSL/Libgcrypt - with the features and functionality required for country-specific compliance such as FIPS and CC certification
• Work with external partners to develop CIS benchmarks
• Design and develop hardening automation for Ubuntu
• Monitor the security industry for new developments
• Develop, test and maintain new software capabilities
• Provide guidance and support to other engineering teams

What we are looking for in you

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• A thorough understanding of the common categories of security vulnerabilities
• Modern engineering techniques to find and fix them
• Familiarity with open source development tools and methodologies
• Skill in one or more of C, Python, Go, Rust, Java, Ruby or PHP
• Experience as a security champion
• Experience driving security within a wider SDLC process
• Professional written and spoken English
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Passion, thoughtfulness, and self-motivation
• Excellent communication and presentation skills
• Result-oriented, with a personal drive to meet commitments
• Ability to travel twice a year, for company events up to two weeks each

Optional skills we also value

• Clear and effective communication with the team and Ubuntu community members
• Experience working with Linux Kernel
• Security Certification experience and knowledge in FIPS and/or CC
• Experience with OVAL (Open Vulnerability Assessment Language)
• Knowledge of and familiarity with low-level Linux cryptography APIs
• Demonstrated high learning ability
• Performance engineering experience