Security Software Engineer

Security Software Engineer

Join to apply for the Security Software Engineer role at Canonical
.

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets.

Location:

Worldwide, this is a globally remote role. The role requires the ability to be productive in a globally distributed team through strong self‑discipline and motivation. It also involves mandatory international travel at least twice a year, typically for one week.

• Define, implement, and document new security features
• Lead security‑focused initiatives within a product engineering team
• Analyze, fix, and test vulnerabilities in open source software
• Contribute to Ubuntu and upstream open source projects to benefit the community
• Audit and analyze source code for vulnerabilities
• Integrate new tools into our security infrastructure, pipelines, and processes
• Achieve and retain various security certifications
• Extend and enhance Linux cryptographic components to meet country‑specific compliance requirements, such as FIPS and Common Criteria (CC) certifications
• Work with external partners to develop Center for Internet Security (CIS) benchmarks
• Design and develop hardening automation for Ubuntu
• Stay up to date with trends and developments in the security industry
• Develop, test, and maintain new software capabilities
• Provide guidance and support to other engineering teams on security best practices

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• A track record of going above and beyond expectations
• Thorough understanding of the common categories of security vulnerabilities and how to fix them
• Knowledge of modern software engineering techniques
• Familiarity with open source development tools and methodologies
• Skill in one or more of C, C++, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/Typescript
• Experience as a security champion
• Experience driving security within a wider SSDLC process
• Professional written and spoken English
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Passion, thoughtfulness, and self‑motivation
• Excellent communication and presentation skills
• Results‑oriented, with a personal drive to meet commitments

• Clear and effective communication with both the team and Ubuntu community members
• Experience working with the Linux kernel
• Experience with security certifications and knowledge of FIPS and/or Common Criteria (CC)
• Experience with OVAL (Open Vulnerability Assessment Language)
• Knowledge of cryptographic modules such as OpenSSL and Libgcrypt
• Knowledge of low‑level Linux cryptography APIs
• Demonstrated ability to learn quickly
• Performance engineering experience

• Distributed work environment with twice‑yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events

Canonical is an equal opportunity employer; we are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

• Entry level

• Full‑time

• Engineering and Information Technology

• Software Development

Referrals increase your chances of interviewing at Canonical by 2x