About Canonical

Canonical is the pioneering company behind Ubuntu, the world's most popular Linux distribution for desktops, servers, and cloud infrastructure. As a leader in open source software, Canonical powers mission-critical deployments for enterprises, governments, and developers globally. Our remote-first culture enables a diverse, worldwide team to collaborate seamlessly on innovative projects that secure and advance the open source ecosystem. From edge computing to AI infrastructure, Canonical's contributions to Ubuntu and related technologies ensure resilience against evolving cyber threats.

Role Overview

The Security Risk Management Specialist at Canonical plays a pivotal role in defining and executing the company's security risk strategy. This home-based, worldwide position involves harnessing industry best practices and innovative modelling to identify, quantify, and mitigate risks across Canonical's operations and products. You'll collaborate cross-functionally to enhance Ubuntu's security posture, contribute to open source community efforts, and drive thought leadership in security risk management. Join a team dedicated to not only protecting Canonical but also elevating security standards for the broader open source world.

Key Responsibilities

In this strategic role, you'll establish Canonical's security risk management standards and playbooks while analyzing and refining existing practices. Key duties include evaluating and implementing cutting-edge security tools, growing Canonical's thought leadership through public presentations, and developing training materials in partnership with the Organizational Learning team. You'll apply statistical models like FAIR for risk quantification, lead assessments, interpret cyber risk analyses in business terms, and launch company-wide campaigns to mitigate vulnerabilities. Additionally, you'll build self-service templates, monitor process effectiveness, and contribute to key risk, control, and performance indicators.

Strategic Impact

Your work will influence decision-making across engineering, product security, and leadership, ensuring Ubuntu customers benefit from robust defenses against cyber attacks. By participating in industry events and governance bodies, you'll amplify Canonical's voice in the global security community.

Qualifications & Requirements

Canonical seeks candidates with an exceptional academic track record, typically holding an undergraduate degree in Computer Science or a related STEM field, or a compelling alternative narrative. Essential qualities include deep motivation for technology security, proven leadership, and excellent business English skills for writing and presentations. Expertise in threat modelling, risk frameworks, Secure Development Lifecycle, and Security by Design is required, alongside broad knowledge of operationalizing security risk. Problem-solvers with a track record of exceeding expectations and strong cross-functional communication will thrive.

Technical Depth

Experience with quantitative risk assessment, sensitivity analysis, and translating technical risks into business recommendations is crucial. Familiarity with key risk indicators and performance metrics for security programs is highly valued.

Benefits & Perks

Canonical offers competitive, performance-based compensation reviewed annually, with bonuses recognizing outstanding contributions. Beyond base pay, enjoy a distributed work environment featuring twice-yearly in-person team sprints, a USD 2,000 personal learning budget, generous holiday leave, maternity/paternity leave, and an Employee Assistance Programme. Travel perks include Priority Pass and upgrades for long-haul company events, fostering global connections in our remote-first culture.

Career Growth

At Canonical, career progression is driven by impact and initiative. This role offers opportunities to lead high-visibility projects, influence Ubuntu's security roadmap, and grow into senior leadership. With structured development resources and exposure to open source innovation, you'll stay at the forefront of cybersecurity trends while contributing to Canonical's mission.

Why Join Canonical

Work on Ubuntu, the backbone of open source computing, in a fully remote role that balances flexibility with collaborative sprints. Canonical's commitment to fairness ensures equitable benefits worldwide, empowering you to secure the future of technology. Be part of a premium team driving innovation in security risk management for millions of users.

Role FAQs

Is this role fully remote?

Yes, it's home-based worldwide with optional twice-yearly in-person sprints.

What salary can I expect?

Compensation is competitive and tailored to experience, with annual reviews and bonuses.

Do I need specific certifications?

While not required, expertise in frameworks like FAIR and threat modelling is essential.

How does this role impact Ubuntu?

You'll enhance product security and resilience for Ubuntu users against cyber threats.

What is Canonical's open source commitment?

We actively contribute threat intelligence and best practices to the global community.