Security Operations Engineer

Join to apply for the Staff Security Operations Engineer role at Canonical

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We seek deep experience defending highly contested critical assets and high‑value cyber targets against advanced persistent threats and state‑level actors. Junior roles are available for exceptional individuals with proven personal interest and engagement in cyber attack and defence, outstanding academic and career performance even if experience is limited.

• Implement and evolve Canonical's Sec Ops security standards and playbooks
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical Sec Ops practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, tabletop exercises and other Sec Ops practices across Engineering, IS and Canonical
• Develop Canonical Sec Ops learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track Sec Ops KPIs
• Plan and deliver Sec Ops work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market‑leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience with security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands‑on ability
• Experience with state‑actor and other advanced persistent threats

• Distributed work environment with twice‑yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass and travel upgrades for long‑haul company events

Canonical is an equal‑opportunity employer. We foster a workplace free from discrimination and welcome diverse perspectives and backgrounds. We consider geographical location, experience, and performance in shaping compensation worldwide and regularly review pay to recognize outstanding performance.