Security Engineer - Ubuntu

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with + colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution.

The company is founder-led, profitable, and growing.

We are hiring a Ubuntu Security Engineer to join an industry leading software security team, and help protect the open source community and Ubuntu users from emerging threats. Canonical is building a team to provide security coverage across a wide range of different ecosystems and environments, and work to make the world a better, safer place.

As part of the Ubuntu team, you will work with the best and brightest people in technology to monitor, triage, respond to and document new and existing vulnerabilities in open source software. The role will involve collaboration with internal teams and external partners, to identify and prioritize issues and track progress. 

The role can also include a number of other activities, including security assessment and code review, internal tooling developments, community engagement, security hardening and feature development and industry collaboration participation. 

This job involves international travel several times a year, usually for one week and requires the ability to be productive in a globally distributed team through self-discipline and self-motivation.

Location: Worldwide

The role entails

Keeping track of vulnerabilities in Ubuntu releases as they are discovered, researched and fixed (using internal software tools)
Collaborating with other teams in the Ubuntu community and with upstream developers where appropriate, to exchange or develop vulnerability patches and make sure that Ubuntu includes the very best security features
Auditing source code for vulnerabilities 

What we are looking for in you

You are familiar with coordinated disclosure practices
You are familiar with open source development tools and methodologies
You are skilled in one or more of C, Python, go, Rust, Java, Ruby or PHP 
You have excellent logic, problem-solving, troubleshooting, and decision-making skills
You can clearly and effectively communicate with the team and Ubuntu community members
Experience with Linux (Debian or Ubuntu preferred) 
Excellent interpersonal skills, curiosity, flexibility, and accountability
Appreciative of diversity, polite, and effective in a multi-cultural, multi-national organization
Thoughtfulness and self-motivation
Result-oriented, with a personal drive to meet commitments
Ability to travel internationally twice a year for company events up to two weeks long

What we offer colleagues

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus or commission. We provide all team members with additional benefits which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

Personal learning and development budget of USD 2, per year
Annual compensation review
Recognition rewards
Annual holiday leave
Maternity and paternity leave
Team Member Assistance Program & Wellness Platform
Opportunity to travel to new locations to meet colleagues
Priority Pass and travel upgrades for long-haul company events