Senior Security Operations Engineer

The Canonical Security Operations team is hiring for a Senior or Staff engineer. The Security Operations team is responsible for designing, building, and operating a world-class Security Operations Center, and the successful candidate will provide leadership, mentorship, expertise, and outstanding individual contributions towards those ends.

This role involves aspects of:

• Traditional SOC duties - security monitoring, threat hunting, and response.
• Security engineering - assessing and protecting Canonical platforms and products.
• Software engineering - building custom tools and platforms.
• Site reliability engineering - deploying, maintaining, and automating security tools.

We are looking for individuals with engineering and security experience, as well as a history of remarkable achievement. Senior security operations personnel with engineering experience and senior developers with security experience are equally well-suited to this role.

Beyond securing Canonical’s digital estate, this position represents a unique opportunity to contribute to the open source ecosystem. Team members may present at industry conferences, share threat intelligence with the wider community, or publish open source security software.

Junior positions are also available for less-experienced individuals with a compelling academic or professional background.

• Provide operational and engineering leadership.
• Implement and evolve Canonical’s Security Operations Center.
• Design and develop security software and platforms.
• Monitor for, identify, respond to, and remediate security incidents.
• Assess and improve Canonical’s security controls.
• Mentor early-career Security Operations engineers.
• Plan and deliver work within Canonical's agile engineering framework.
• Contribute to open source security.
• Publish blog posts, whitepapers and conference presentations.

• An exceptional academic track record.
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path.
• 10+ years of relevant professional experience
• Professional cybersecurity experience, preferably working or leading a Security Operations Center.
• Professional engineering experience.
• An eagerness to contribute to open source security.
• Proficiency in common scripting languages, such as Python and Bash.
• Knowledge of Git, GitOps, Infrastructure-as-Code, and common orchestration platforms (e.g., Kubernetes)

• Familiarity with security frameworks such as the NIST CSF, CIS CSC, and ISO 27001
• Knowledge of security architecture and market-leading security tools.
• Experience in a security operations team or a security operations center.
• Experience in offensive or defensive security teams with hands-on ability.
• Experience with advanced persistent threats.
• Proficiency in additional programming languages, such as Golang.

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004.​ Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

#LI-remote