Engineering Manager - Security Standards and Hardening

Overview

Engineering Manager - Security Standards and Hardening

Canonical is seeking an Engineering Manager to lead security standards and hardening across the Ubuntu platform, including desktops, servers, edge devices, cloud infrastructure, Kubernetes and Open Stack. The role focuses on setting security standards, certifying core components to meet industry standards, and guiding development teams in security best practices. You will work with industry partners to define and build secure operating system deployments, with emphasis on cryptographic modules (FIPS 140) and system hardening.

As an Engineering Manager, you will provide line management and career guidance, represent your team technically to stakeholders, and drive collaboration with other teams and customers to deliver secure software.

• Lead and develop a team of engineers across levels from graduate to senior
• Coach, mentor, and provide career development feedback
• Identify and measure team health indicators
• Implement disciplined engineering processes
• Represent the team and product to stakeholders, partners, and customers
• Develop and evangelise strong engineering and organisational practices
• Plan and manage progress on agreed goals and projects
• Support products and customers to meet security requirements such as FIPS, CIS, STIG, FedRAMP and CRA
• Collaborate with industry partners (e.g., CIS, DISA) on cryptography modules (FIPS 140) and system hardening efforts

• Strong academic background and/or compelling alternative path
• Undergraduate degree in Computer Science or STEM, or equivalent experience
• Drive and a track record of going above and beyond expectations
• Excellent verbal and written communication skills in English
• Love of developing people and a proven track record of growth
• Organised with the ability to ensure timely, high-quality delivery
• Professional demeanor when interacting with colleagues, partners, and community
• Prior experience with FIPS/Common Criteria certified products and knowledge of underlying standards
• Experience with DISA-STIG or CIS benchmarks and related audit/remediation tooling (e.g., Compliance as Code)
• Passion for software and application security
• Experience in an agile development environment
• Demonstrated commitment to continual learning
• Ability to build trust and effective relationships
• Results-oriented with a personal drive to meet commitments
• Ability to travel up to twice a year for company events (up to two weeks each)

• Hands-on domain knowledge of Linux cryptography libraries (OpenSSL, GnuTLS)

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunities to travel to new locations to meet colleagues
• Travel upgrades for long-haul company events

Canonical is an equal opportunity employer. We foster a workplace free from discrimination, and we will give your application fair consideration regardless of identity or background.

• Mid-Senior level

• Full-time

• Engineering and Information Technology

• Software Development