11 Database Security jobs in Oman

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution.

The company is founder-led, profitable, and growing.

Canonical is building a team dedicated to providing security coverage across a wide range of ecosystems and environments, working to make the world a better, safer place. We are hiring an Ubuntu Security Engineer to join an industry-leading security engineering team and help protect the open source community and Ubuntu users from emerging threats. We are looking for candidates across all levels of experience, from Graduate to Senior.

As part of the Ubuntu Security Team, you will work with some of the best and brightest people in technology to monitor, triage, respond to, and document new and existing vulnerabilities in open source software. You will collaborate with internal teams and external partners to identify issues, prioritize them, and coordinate remediation.

This is an engineering-focused role that may also involve activities such as producing security assessments, building features, conducting code reviews, developing internal tools, engaging with the open source community, and participating in industry initiatives and events.

This role requires international travel at least twice a year, usually for one week. It also requires the ability to be productive in a globally distributed team through self-discipline and self-motivation.

Location: Worldwide, this is a globally remote role

The role entails

• Analyzing, fixing, and testing vulnerabilities in open source packages
• Keeping track of vulnerabilities in the Ubuntu ecosystem as they are discovered, researched, and fixed, leveraging internal tools
• Collaborating with other teams in the Ubuntu community and upstream developers, as needed, to exchange or develop vulnerability patches and ensure that Ubuntu includes the most robust security features
• Auditing source code for vulnerabilities
• Building features and tools to help teams strengthen the security of their products and contribute to the overall security of Ubuntu
  
  

• You have a thorough understanding of the common categories of security vulnerabilities and techniques for fixing them
• You are familiar with coordinated disclosure practices
• You are familiar with open source development tools and methodologies
• You are skilled in one or more of C, Python, Go, Rust, Java, Ruby, PHP or JavaScript/TypeScript
• You have excellent logic, problem-solving, troubleshooting, and decision-making skills
• You can clearly and effectively communicate with the team and Ubuntu community members
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Appreciative of diversity, polite, and effective in a multi-cultural, multi-national organization
• Thoughtfulness and self-motivation
• Result-oriented, with a personal drive to meet commitments
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Team Member Assistance Program & Wellness Platform
• Opportunity to travel to new locations to meet colleagues
• Priority Pass and travel upgrades for long-haul company events
  
  

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant to international information security standards such as FIPS 140-3 and Common Criteria. You will use your applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and work with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

As a member of the Security Hardening team you will work with and develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will interact with internal and external stakeholders to identify gaps in our frameworks, and develop new solutions to address these challenges. In this role you will have the opportunity to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll collaborate closely with Canonical's kernel team as well as the wider engineering organization to drive features impacting all Ubuntu users.

Day-to-day responsibilities

• Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications
• Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification
• Collaborate with external security consultants to test and validate kernel and crypto module components
• Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu
• Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community
• Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule
  
  

• Hands-on experience with low-level Linux cryptography APIs and debugging
• Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
• Hands-on experience with Linux system administration and shell scripting
• Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
• Significant development experience working with open source libraries
• Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment
  
  

• Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
• Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
• Experience working directly with Linux Kernel
• Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
• History of contributions to open source projects
  
  

• Distributed work environment with twice-yearly team sprints in person - we've been working remotely since 2004!
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues from your team and others
• Priority Pass for travel and travel upgrades for long haul company events
  
  

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant to international information security standards such as FIPS 140-3 and Common Criteria. You will use your applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and work with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

As a member of the Security Hardening team you will work with and develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will interact with internal and external stakeholders to identify gaps in our frameworks, and develop new solutions to address these challenges. In this role you will have the opportunity to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll collaborate closely with Canonical's kernel team as well as the wider engineering organization to drive features impacting all Ubuntu users.

Day-to-day responsibilities

• Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications
• Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification
• Collaborate with external security consultants to test and validate kernel and crypto module components
• Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu
• Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community
• Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule
  
  

• Hands-on experience with low-level Linux cryptography APIs and debugging
• Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
• Hands-on experience with Linux system administration and shell scripting
• Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
• Significant development experience working with open source libraries
• Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment
  
  

• Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
• Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
• Experience working directly with Linux Kernel
• Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
• History of contributions to open source projects
  
  

• Distributed work environment with twice-yearly team sprints in person - we've been working remotely since 2004!
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues from your team and others
• Priority Pass for travel and travel upgrades for long haul company events
  
  

Muscat, Sultanate of Oman | Posted on 22/01/2025

The service holder is part of the H3SE team which focuses on the management of health, safety, and security aspects of the Project. Missions of the service holder are to:

1. Interface with EPSCC contractors, TotalEnergies EP Oman, Sohar Industrial Port Company (SIPC), Solar plant project, partners, relevant Omani Authorities, and COMPANY’s H3SE team on-site.
2. Ensure key health, safety and security risks are identified, assessed, and mitigated to as low as reasonably practicable level. The job holder will document the assessment process, monitor, and liaise with EPSCC Contractors to implement prevention and/or mitigation measures. He/she supervises continuity and cascading of H3SE risk assessment during the construction of Marsa LNG project.
3. Ensure that EPSCC Contractors establish documented health, safety, and security management system with clear objectives, targets and relevant procedures for the construction of Marsa LNG project. He/she will establish H3SE monitoring and reporting system to consolidate and report the overall H3SE performance.
4. Elaborate Company HSE-MS and associated procedures/plans as highlighted in Marsa LNG HSE Management Plan with due consideration for the need for bridging plans (being either with EPSCC Contractors HSE-MS or TotalEnergies Service Oman affiliate HSE-MS) and for the SIMOPS.
5. Ensure that EPSCC Contractors establish emergency response plans, including medevac and security plan, aligned with COMPANY’s emergency response plan, and ensuring EPSCC Contractor to perform emergency trainings, drills, and exercises regularly.
6. Actively contribute to deliver Marsa LNG project on schedule and budget and meet the H3SE targets and objectives.

1. Well experienced in establishing of Health, Safety and Security management system and procedures (HSS MP) in line with COMPANY’s HSE MS expectations. Experience in monitoring and reporting for health, safety, and security key performance indicators.
2. Hands-on experience in coordinating and execution of H3SE Audits and Inspections and monitoring the close-out of findings.
3. Experience in coordinating safety culture campaign and follow up with EPSCC Contractors.
4. Well experienced in setting up H3SE training requirements for different functions within a project, medical fitness to work system, and medical infrastructure on construction site.
5. Experience in coordinating emergency response, emergency trainings, drills and exercises.

This is a general track for security-focused engineering in every team at Canonical, across all levels of seniority. Apply here if you are already an exceptional security-focused software engineer.

Most product engineering teams at Canonical include one or two spaces for dedicated security-oriented software engineers. Their role is to challenge the entire team to think more deeply about security. They contribute to the product as engineers too, but their primary focus is to improve security through state of the art practices - from table-top threat model exercises to architecture reviews, from extended security testing with fuzzers and static analysis tools to external security analyst liaison.

We also build a number of products that are entirely motivated by security technology and requirements, such as our AppArmor kernel investments and our hardening, compliance and certification toolkits for Ubuntu.

As the publisher of Ubuntu we also handle long-term security response and hardening for the entire operating system and open source universe. Working with tens of thousands of upstreams means that we need to be fluent in every major programming language, and design, build and adopt sophisticated tools that enable us to work at scale and speed with confidence.

These roles encompass all aspects of product security, including feature development, vulnerability response, proactive security and open source community participation. All security roles interact closely with many of the other Canonical engineering and development teams, Canonical customers and our partners across the open source community.

Location: We have open roles for security specialist software engineers in every timezone.

What you'll do

Security roles might tackle any of the following:

• Define, implement and document new security features
• Lead security-oriented thinking in a product engineering team
• Analyze, fix, and test vulnerabilities in Canonical and open source Software
• Contribute to Ubuntu and upstream projects to benefit the community
• Audit and analyze source code for vulnerabilities
• Integrate new tools in our security infrastructure, pipelines and processes
• Achieve and retain various security certifications
• Extend and enhance Linux cryptographic components - specifically with modules such as OpenSSL/Libgcrypt - with the features and functionality required for country-specific compliance such as FIPS and CC certification
• Work with external partners to develop CIS benchmarks
• Design and develop hardening automation for Ubuntu
• Monitor the security industry for new developments
• Develop, test and maintain new software capabilities
• Provide guidance and support to other engineering teams
  
  

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• A thorough understanding of the common categories of security vulnerabilities
• Modern engineering techniques to find and fix them
• Familiarity with open source development tools and methodologies
• Skill in one or more of C, Python, Go, Rust, Java, Ruby or PHP
• Experience as a security champion
• Experience driving security within a wider SDLC process
• Professional written and spoken English
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Passion, thoughtfulness, and self-motivation
• Excellent communication and presentation skills
• Result-oriented, with a personal drive to meet commitments
• Ability to travel twice a year, for company events up to two weeks each
  
  

• Clear and effective communication with the team and Ubuntu community members
• Experience working with Linux Kernel
• Security Certification experience and knowledge in FIPS and/or CC
• Experience with OVAL (Open Vulnerability Assessment Language)
• Knowledge of and familiarity with low-level Linux cryptography APIs
• Demonstrated high learning ability
• Performance engineering experience
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

This is a general track for security-focused engineering in every team at Canonical, across all levels of seniority. Apply here if you are already an exceptional security-focused software engineer.

Most product engineering teams at Canonical include one or two spaces for dedicated security-oriented software engineers. Their role is to challenge the entire team to think more deeply about security. They contribute to the product as engineers too, but their primary focus is to improve security through state of the art practices - from table-top threat model exercises to architecture reviews, from extended security testing with fuzzers and static analysis tools to external security analyst liaison.

We also build a number of products that are entirely motivated by security technology and requirements, such as our AppArmor kernel investments and our hardening, compliance and certification toolkits for Ubuntu.

As the publisher of Ubuntu we also handle long-term security response and hardening for the entire operating system and open source universe. Working with tens of thousands of upstreams means that we need to be fluent in every major programming language, and design, build and adopt sophisticated tools that enable us to work at scale and speed with confidence.

These roles encompass all aspects of product security, including feature development, vulnerability response, proactive security and open source community participation. All security roles interact closely with many of the other Canonical engineering and development teams, Canonical customers and our partners across the open source community.

Location: We have open roles for security specialist software engineers in every timezone.

What you'll do

Security roles might tackle any of the following:

• Define, implement and document new security features
• Lead security-oriented thinking in a product engineering team
• Analyze, fix, and test vulnerabilities in Canonical and open source Software
• Contribute to Ubuntu and upstream projects to benefit the community
• Audit and analyze source code for vulnerabilities
• Integrate new tools in our security infrastructure, pipelines and processes
• Achieve and retain various security certifications
• Extend and enhance Linux cryptographic components - specifically with modules such as OpenSSL/Libgcrypt - with the features and functionality required for country-specific compliance such as FIPS and CC certification
• Work with external partners to develop CIS benchmarks
• Design and develop hardening automation for Ubuntu
• Monitor the security industry for new developments
• Develop, test and maintain new software capabilities
• Provide guidance and support to other engineering teams
  
  

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• A thorough understanding of the common categories of security vulnerabilities
• Modern engineering techniques to find and fix them
• Familiarity with open source development tools and methodologies
• Skill in one or more of C, Python, Go, Rust, Java, Ruby or PHP
• Experience as a security champion
• Experience driving security within a wider SDLC process
• Professional written and spoken English
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Passion, thoughtfulness, and self-motivation
• Excellent communication and presentation skills
• Result-oriented, with a personal drive to meet commitments
• Ability to travel twice a year, for company events up to two weeks each
  
  

• Clear and effective communication with the team and Ubuntu community members
• Experience working with Linux Kernel
• Security Certification experience and knowledge in FIPS and/or CC
• Experience with OVAL (Open Vulnerability Assessment Language)
• Knowledge of and familiarity with low-level Linux cryptography APIs
• Demonstrated high learning ability
• Performance engineering experience
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

Join to apply for the Staff Security Operations Engineer role at Canonical

Join to apply for the Staff Security Operations Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's SecOps security standards and playbooks
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Security Engineer jobs in Muscat, Masqaţ, Oman .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events