Security Operations Engineer

We have opened several senior / staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. The role ranges from deep‑level experience defending critical assets against advanced persistent threats and state‑level actors, to opportunities for exceptional candidates with a strong academic record and a proven personal interest in cyber attack and defence, even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. The entire global Ubuntu estate’s robustness will be raised through the work of this team.

The Security Operations (Sec Ops) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team owns the strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes, ensuring security threats are automatically identified, contained and remediated. It also contributes to Canonical product security, improving the resilience of all Ubuntu customers and users exposed to cyber attack.

The Sec Ops team's mission is not only to secure Canonical but also to contribute to the security of the wider open source ecosystem. Knowledge may be shared through public presentations and industry events, threat intelligence sharing with the community, or representation of Canonical in sector‑specific governance bodies.

• Implement and evolve Canonical’s Sec Ops security standards and playbooks
• Analyse and improve Canonical’s security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical Sec Ops practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table‑top exercises and other Sec Ops practices across Engineering, IS and Canonical
• Develop Canonical Sec Ops learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track Sec Ops KPIs
• Plan and deliver Sec Ops work within Canonical’s agile engineering practice
• Work with Security leadership to present information and influence change

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about an alternative path
• Drive and a track record of exceeding expectations
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market‑leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands‑on ability
• Experience with state‑actor and other advanced persistent threats

We consider geographical location, experience, and performance in shaping compensation worldwide, revisiting it annually (and more often for graduates and associates). In addition to base pay, we offer a performance‑driven annual bonus and a range of benefits that reflect our values.

• Distributed work environment with twice‑yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass and travel upgrades for long‑haul company events

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu—one of the most important open source projects and the platform for AI, IoT and the cloud—we are changing the world daily. We recruit on a global basis, demanding excellence from all our people. Canonical has been a remote‑first company since its inception in 2004, providing a future‑focused work environment that challenges you to learn new skills and raise your game.

We foster a workplace free from discrimination. Diversity of experience, perspectives and background creates a better environment and better products. Whatever your identity, we give your application fair consideration.