Overview
We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions. At the high end, we seek deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited. Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain, expanding security across the Ubuntu estate and related ecosystems.
The Security Operations (SecOps) team is responsible for the design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They design and implement technical security controls that ensure threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack. The SecOps mission extends to the wider open source ecosystem, sharing knowledge through public presentations and threat intelligence with the community or representing Canonical in sector-specific governance bodies.
What you will do in this role:
* Implement and evolve Canonical's Security Operation Center
* Analyse and improve Canonical's security architecture
* Evaluate, select and implement new security tools and practices
* Identify, contain and guide the remediation of security threats and cyber attacks
* Grow the presence and thought leadership of Canonical SecOps practice
* Contribute to open source threat intelligence initiatives
* Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
* Develop Canonical SecOps learning and development materials
* Publish blog posts, whitepapers and conference presentations
* Identify, implement and track SecOps KPIs
* Plan and deliver SecOps work within Canonical's agile engineering framework
* Collaborate with Security leadership to present information and influence change
What we are looking for
* An exceptional academic track record
* Undergraduate degree in Computer Science or STEM, or a compelling narrative about an alternative path
* Previous professional experience working or leading a Security Operations Center
* Deep personal motivation to be at the forefront of technology security
* Expertise in threat modelling and risk management frameworks
* Knowledge of security architecture and market-leading security tools
* Experience contributing to, and consuming, threat intelligence feeds
* Experience in security risk management frameworks such as NIST CSF and ISO27001
Optional things we value
* Experience in a security operations team or a security operations centre (SOC)
* Experience in offensive or defensive security teams with hands-on ability
* Experience with state-actor and other advanced persistent threats
What we offer you
* Distributed work environment with twice-yearly team sprints in person
* Personal learning and development budget of USD 2,000 per year
* Annual compensation review
* Recognition rewards
* Annual holiday leave
* Maternity and paternity leave
* Employee Assistance Programme
* Opportunity to travel to new locations to meet colleagues
* Travel upgrades for long-haul company events
About Canonical
Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, Canonical operates globally with a remote-first culture. We recruit on a global basis and maintain a high standard for people joining the company. Canonical is an equal opportunity employer and we foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. We will give every applicant fair consideration.
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Software Development
Referrals increase your chances of interviewing at Canonical by 2x
Sign in to set job alerts for “Senior Security Engineer” roles.
#J-18808-Ljbffr