Engineering Manager - Security Standards and Hardening

As the most widely used Linux distribution, Ubuntu underpins the security of the entire internet. The role of Security Engineering Manager directly impacts the safety and security of millions of users worldwide. Join a team of security experts dedicated to protecting the open-source ecosystem and driving innovation. Your leadership will be instrumental in addressing emerging threats, developing robust security measures, and ensuring the continued integrity of Ubuntu. This is an opportunity to make a tangible difference and leave a lasting legacy on the digital landscape.

As we place ever more trust in software and data security in our increasingly connected world, Canonical’s mission to deliver the world’s best open source platform comes with a responsibility: to set the highest possible standard for software security, not only for the OS, but also for the wide range of open source infrastructure and software that developers enjoy within the Ubuntu ecosystem. With Canonical’s Ubuntu being the leading open source platform for large-scale cloud and edge deployments, we are increasingly called upon to help customers meet strict security requirements such as FIPS, CIS, STIG, FedRAMP and the new CRA.

This role is about leading the charge to set the security standards for open source software across the Ubuntu platform, from desktops, servers and edge devices to cloud infrastructure, Kubernetes and OpenStack, by certifying core components to meet industry standards and guiding development teams across the company in security best practices. We work primarily within the areas of cryptographic modules (FIPS 140) and system hardening, where we collaborate with industry partners including CIS and DISA to define and build secure operating system deployments.

An Engineering Manager is responsible for line management and career guidance. The ability to develop engineering talent, to represent your team and product from a technical perspective, and to drive collaboration with other teams and customers are all critical to success in this role.

What you will do in this role

• Lead and develop a team of engineers, ranging from graduate to senior
• Coach, mentor, and offer career development feedback
• Identify and measure team health indicators
• Implement disciplined engineering processes
• Represent your team and product to stakeholders, partners, and customers 
• Develop and evangelise great engineering and organisational practices
• Plan and manage progress on agreed goals and projects
• Support our products and customers to meet strict product security requirements such as FIPS, CIS, STIG, FedRAMP and the new CRA
• Support the work addressing specific cryptography modules (FIPS 140) and system hardening efforts with indrustry partners, including CIS and DISA

What we are looking for in you

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive, and a track record of going above-and-beyond expectations
• Excellent verbal and written communication skills in English
• A love of developing and growing people and a track record of it
• Organised and able to ensure your team delivers timely, high quality results
• Professional manner interacting with colleagues, partners, and community
• Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
• Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
• Knowledgeable and passionate about software and application security
• Solid experience working in an agile development environment
• A demonstrated drive for continual learning
• Builds trust, relationships and confidence
• Result-oriented, with a personal drive to meet commitments 
• Ability to travel twice a year, for company events up to two weeks each

Optional things we value

• Hands-on domain knowledge of Linux cryptography libraries (OpenSSL, GnuTLS)

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events

About Canonical 

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004.​ Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

#LI-remote