Job Vacancies at Canonical

As an engineering manager at Canonical your primary responsibility is to the people you support: ensuring that they are growing as engineers, doing valuable work, and generally having a great time at Canonical.

As a lead for strong engineers, technical leadership and a solid background in software security is a must, so that you're able to challenge and grow your team members.

You will have the opportunity to influence the culture, facilitate technical delivery, and work with your team on strategy and execution.

• We have multiple management focus areas open for the Ubuntu security management role:
• Security Maintenance (CVE and vulnerability addressing life cycle)
• Security Technology (AppArmor, Secureboot, and Cryptography)
• Certifications and Compliance (FIPS, CIS, FedRAMP)

Key responsibilities

• Build and lead a globally distributed team of engineers through hiring, coaching, mentoring, feedback and hands-on career development
• Guide the security posture for Ubuntu, and other Canonical products
• Support timely delivery of technical solutions to address business needs
• Manage competing priorities, communicating with internal and external stakeholders
• Advocate and advance modern, agile software development practices
• Grow a healthy, collaborative engineering culture in line with the company values
• Participate in strong engineering process through code and architectural review
• Guide the growth of the Canonical Security story
• Work from home with global travel up to 15% for internal and external events

Valued Skills And Experience

• You love developing and growing people and have a strong track record of doing it
• You are knowledgeable and passionate about software security, either Security Certifications or Application Security
• You have some experience in leading, managing, coaching and mentoring software developers
• You have solid experience working in an agile development environment
• You have strong written and verbal technical communication skills
• You have a Bachelor's or equivalent in Computer Science, STEM or similar degree

go to method of application »

• As an engineering manager at Canonical your primary responsibility is to the people you support: ensuring that they are growing as engineers, doing valuable work, and generally having a great time at Canonical.
• As a lead for strong engineers, technical leadership and a solid background in software security is a must, so that you're able to challenge and grow your team members.
• You will have the opportunity to influence the culture, facilitate technical delivery, and work with your team on strategy and execution.

Key responsibilities

• Build and lead a globally distributed team of engineers through hiring, coaching, mentoring, feedback and hands-on career development
• Support timely delivery of technical solutions to address business needs
• Provide technical thought leadership for your team and others around Canonical
• Advocate and advance modern, agile software development practices
• Grow a healthy, collaborative engineering culture in line with the company values

What we are looking for

• Exceptional software engineering skills - design, document, plan, execute
• Demonstrated experience in managing or leading software engineering teams
• Demonstrated understanding in one or more of the following areas:
  • Secureboot or other UEFI capabilities
  • Code integrity primitives such as dm-verity
  • AppArmor, SELinux or other MAC modules
  • Confidential computing TEEs (Intel SGX, AMD SEV, arm TrustZone or similar)
• WIllingness to travel up to 4 times a year for internal events

go to method of application »

• These roles encompass all aspects of product security, including feature development, vulnerability response, proactive security and open source community participation.
• All security roles interact closely with many of the other Canonical engineering and development teams, Canonical customers and our partners across the open source community.

What you'll do
Security roles might tackle any of the following:

• Define, implement and document new security features
• Lead security-oriented thinking in a product engineering team
• Analyze, fix, and test vulnerabilities in Canonical and open source Software
• Contribute to Ubuntu and upstream projects to benefit the community
• Audit and analyze source code for vulnerabilities
• Integrate new tools in our security infrastructure, pipelines and processes
• Achieve and retain various security certifications
• Extend and enhance Linux cryptographic components - specifically with modules such as OpenSSL/Libgcrypt - with the features and functionality required for country-specific compliance such as FIPS and CC certification
• Work with external partners to develop CIS benchmarks
• Design and develop hardening automation for Ubuntu
• Monitor the security industry for new developments
• Develop, test and maintain new software capabilities
• Provide guidance and support to other engineering teams

What we are looking for in you

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• A thorough understanding of the common categories of security vulnerabilities
• Modern engineering techniques to find and fix them
• Familiarity with open source development tools and methodologies
• Skill in one or more of C, Python, Go, Rust, Java, Ruby or PHP
• Experience as a security champion
• Experience driving security within a wider SDLC process
• Professional written and spoken English
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Passion, thoughtfulness, and self-motivation
• Excellent communication and presentation skills
• Result-oriented, with a personal drive to meet commitments
• Ability to travel twice a year, for company events up to two weeks each

Optional skills we also value

• Clear and effective communication with the team and Ubuntu community members
• Experience working with Linux Kernel
• Security Certification experience and knowledge in FIPS and/or CC
• Experience with OVAL (Open Vulnerability Assessment Language)
• Knowledge of and familiarity with low-level Linux cryptography APIs
• Demonstrated high learning ability
• Performance engineering experience

go to method of application »

What your day will look like

The OpenSearch team is responsible for the automation of OpenSearch operations. This includes ensuring fault-tolerant replication, TLS, installation, and much more; but also provides domain-specific expertise on the actual data system to other teams within Canonical. This role is focused on the creation and automation of features of data platforms, not analysing the data in them.

• Collaborate proactively with an internationally distributed team
• Write high-quality, idiomatic Python code to create new features
• Debug issues and interact with upstream communities publicly
• Work with helpful and talented engineers including experts in a diverse set of fields
• Work from home with global travel for 2 to 4 weeks per year for internal and external events

What we are looking for in you

• Proven hands-on experience in software development using Python
• Proven hands-on experience in distributed systems development
• Bachelor's or equivalent in Computer Science, STEM, or a similar degree
• Willingness to travel up to 4 times a year for internal events

Additional Skills That You Might Also Bring
You might also bring a subset of experience from the following, which will determine the exact role and level we consider you for:

• Experience operating and managing search and analytics engines like Elasticsearch, Logstash, KIbana, and OpenSearch
• Experience with Linux systems administration, package management, and operations
• Experience with the public cloud or a private cloud solution like OpenStack
• Experience with operating Kubernetes clusters and a belief that it can be used for serious persistent data services