Ubuntu is a community-developed, Linux-based operating system that is published and commercially supported by software development firm Canonical. Like Canonica
Linux Cryptography and Security Engineer
Location
Worldwide
Posted
74 days ago
Salary
0
Seniority
Senior
Job Description
Linux Cryptography and Security Engineer
Canonical
• Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications • Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification • Collaborate with external security consultants to test and validate kernel and crypto module components • Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu • Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community • Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule
Job Requirements
- Hands-on experience with low-level Linux cryptography APIs and debugging
- Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
- Hands-on experience with Linux system administration and shell scripting
- Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
- Significant development experience working with open source libraries
- Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment
- Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
- Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
- Experience working directly with Linux Kernel
- Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
- History of contributions to open source projects
Benefits
- Distributed work environment with twice-yearly team sprints in person - we’ve been working remotely since 2004!
- Personal learning and development budget of USD 2,000 per year
- Annual compensation review
- Recognition rewards
- Annual holiday leave
- Maternity and paternity leave
- Employee Assistance Programme
- Opportunity to travel to new locations to meet colleagues from your team and others
- Priority Pass for travel and travel upgrades for long haul company events
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Tutor Me Education is reshaping how students learn. • Provide support to students all across the country. • Virtual instruction from your home computer.
• Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities • Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy • Design enrichment pipelines and automation workflows to enhance the precision of threat detections • Develop correlation logic and automated processes to create high-fidelity threat alerts • Build compliance and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance • Create automation playbooks for incident triage and response • Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment • Collaborate with customer cybersecurity teams to cover gaps and enhance enterprise posture • Support enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams by providing dashboards and other data exploration tools • Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed • Work closely with customer teams, including Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) teams, to ensure detections are actionable and relevant • Provide feedback to improve the customer's security framework and overall security monitoring strategy
• Analyze product security requirements and apply industry-recognized methodologies to translate them into effective security controls. • Design and support the implementation of secure cloud architectures. • Audit externally developed product security designs, document missing security controls, and lead efforts to analyze and implement security improvements. • Conduct threat modeling, attack surface analysis, and attack tree creation for products running on cloud platforms. • Research, review, compare, and propose technologies that meet client requirements. • Perform comprehensive security posture assessments through various methodologies. • Validate CI/CD pipelines and audit deployment configurations across various hosting environments. • Ensure that implemented solutions align with the product’s security architecture and requirements. • Document and present product security risks in both technical and business contexts. • Lead and support a small team of security engineers and consultants in assessing and researching cutting-edge technologies.
• Technical leadership on major projects involving emerging technologies. • Researching, analyzing, and resolving demanding technical challenges. • Driving threat modelling, attack surface enumeration and attack tree creation activities across applications. • Planning and supervising end-to-end security posture assessments via source code auditing and functional testing. • Documenting and presenting product security risks.
