• The Security Operations (SecOps) team is responsible for the design, implementation, and evolution of Canonical security practices, techniques, tools, systems, and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure, and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained, and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber-attacks.
• The SecOps team’s mission is not only to secure Canonical but also to contribute to the security of the wider open-source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community, or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical’s SecOps security standards and playbooks
• Analyse and improve Canonical’s security architecture
• Evaluate, select, and implement new security tools and practices
• Identify, contain, and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modeling, tabletop exercises, and other SecOps practices across Engineering, IS, and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers, and conference presentations
• Identify, implement, and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical’s agile engineering practice
• Work with Security leadership to present information and influence change

What We Are Looking For

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above and beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modeling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001

Optional things we value

• Experience in a security operations team or a security operations center (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats

How To Apply

Click Here To Apply