Duties and Responsibilities
Security roles might tackle any of the following:
- Define, implement, and document new security features
- Lead security-oriented thinking in a product engineering team
- Analyze, fix, and test vulnerabilities in Canonical and open source Software
- Contribute to Ubuntu and upstream projects to benefit the community
- Audit and analyze source code for vulnerabilities
- Integrate new tools in our security infrastructure, pipelines, and processes
- Achieve and retain various security certifications
- Extend and enhance Linux cryptographic components – specifically with modules such as OpenSSL/Libgcrypt – with the features and functionality required for country-specific compliance such as FIPS and CC certification
- Work with external partners to develop CIS benchmarks
- Design and develop hardening automation for Ubuntu
- Monitor the security industry for new developments
- Develop, test, and maintain new software capabilities
- Provide guidance and support to other engineering teams
Qualifications
- An exceptional academic track record from both high school and university
- Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
- Drive and a track record of going above and beyond expectations
- A thorough understanding of the common categories of security vulnerabilities
- Modern engineering techniques to find and fix them
- Familiarity with open-source development tools and methodologies
- Skill in one or more of C, Python, Go, Rust, Java, Ruby or PHP
- Experience as a security champion
- Experience driving security within a wider SDLC process
- Professional written and spoken English
- Experience with Linux (Debian or Ubuntu preferred)
- Excellent interpersonal skills, curiosity, flexibility, and accountability
- Passion, thoughtfulness, and self-motivation
- Excellent communication and presentation skills
- Result-oriented, with a personal drive to meet commitments
- Ability to travel twice a year, for company events for up to two weeks each
Optional skills we also value
- Clear and effective communication with the team and Ubuntu community members
- Experience working with Linux Kernel
- Security Certification experience and knowledge in FIPS and/or CC
- Experience with OVAL (Open Vulnerability Assessment Language)
- Knowledge of and familiarity with low-level Linux cryptography APIs
- Demonstrated high learning ability
- Performance engineering experience
How To Apply