About Canonical

Canonical is the pioneering tech company behind Ubuntu, the world's leading open source operating system powering AI, IoT, cloud computing, and enterprise infrastructure. Since 2004, Canonical has championed open source innovation, transforming how businesses and developers build and deploy software globally. As a remote-first organization, Canonical recruits top talent worldwide, fostering a high-performance culture where excellence drives success. Our Security Operations team plays a critical role in safeguarding Ubuntu and Canonical's digital estate while contributing to the broader open source security ecosystem.

Role Overview

The Senior Security Operations Engineer position at Canonical offers a unique blend of security operations, engineering, and open source contributions. This home-based, worldwide role involves designing, building, and operating a world-class Security Operations Center (SOC). You'll provide leadership, mentorship, and hands-on expertise in threat detection, incident response, and security tool development. Ideal for senior SOC professionals with engineering chops or developers with deep security experience, this position empowers you to protect Canonical's platforms and influence open source security standards.

Key Aspects of the Role

• Traditional SOC functions: monitoring, threat hunting, and response.
• Security engineering: assessing and hardening Canonical products.
• Software engineering: creating custom detection and automation tools.
• Site reliability engineering: deploying and maintaining security infrastructure.

Beyond internal security, you'll have opportunities to present at conferences, share threat intelligence, and publish open source security software, amplifying your impact in the global community.

Key Responsibilities

In this leadership role, you'll drive Canonical's security posture forward through hands-on contributions and team guidance.

• Provide operational and engineering leadership for the SOC team.
• Implement and evolve Canonical’s Security Operations Center capabilities.
• Design and develop security software, platforms, and automation tools.
• Monitor for, identify, respond to, and remediate security incidents efficiently.
• Assess and continuously improve Canonical’s security controls and frameworks.
• Mentor early-career Security Operations engineers, fostering talent growth.
• Plan and deliver work within Canonical's agile engineering framework.
• Contribute to open source security projects and initiatives.
• Publish insightful blog posts, whitepapers, and conference presentations on security topics.

Qualifications & Requirements

Canonical seeks exceptional candidates with proven track records in security and engineering.

Required

• Exceptional academic track record and undergraduate degree in Computer Science or STEM (or compelling alternative path).
• 10+ years of relevant professional experience.
• Professional cybersecurity experience, ideally in operating or leading a SOC.
• Professional engineering experience in software or infrastructure.
• Proficiency in scripting languages like Python and Bash.
• Strong knowledge of Git, GitOps, Infrastructure-as-Code, and orchestration platforms such as Kubernetes.
• Eagerness to contribute to open source security efforts.

Highly Valued

• Familiarity with NIST CSF, CIS CSC, ISO 27001 frameworks.
• Experience with security architecture and leading tools.
• Hands-on work in offensive or defensive security teams.
• Dealing with advanced persistent threats (APTs).
• Proficiency in Golang or other systems languages.

Benefits & Perks

Canonical offers competitive, performance-based compensation reviewed annually, plus a suite of global benefits tailored for fairness and work-life balance.

• Fully distributed remote work with twice-yearly in-person team sprints.
• USD 2,000 annual personal learning and development budget.
• Performance-driven annual bonus and compensation reviews.
• Generous annual holiday leave, maternity, and paternity leave.
• Employee Assistance Programme for wellbeing support.
• Travel opportunities, including Priority Pass and upgrades for company events.
• Recognition rewards for outstanding contributions.

Career Growth

At Canonical, career progression is merit-based in a flat, high-trust structure. As a Senior Security Operations Engineer, you'll lead projects, mentor juniors, and shape SOC strategy. Opportunities abound to specialize in threat intelligence, open source tooling, or security architecture. With regular performance reviews and a learning budget, you'll stay ahead in cybersecurity while influencing Ubuntu's secure evolution. Many team members advance to staff or principal roles, presenting at Black Hat, DEF CON, or BSides.

Why Join Canonical

Joining Canonical means working on Ubuntu, the backbone of open source innovation, in a remote-first environment that prioritizes autonomy and impact. Secure the platforms powering millions of servers, desktops, and edge devices. Collaborate with global experts, contribute to public good through open source, and enjoy unparalleled work flexibility. Canonical's commitment to excellence attracts the best minds—elevate your career while helping build a more secure digital world.

Role FAQs

Is this role fully remote?

Yes, it's home-based worldwide, with optional twice-yearly in-person sprints.

What experience level is required?

10+ years for senior/staff; junior roles available for strong candidates.

Do I need open source experience?

Eagerness to contribute is key; prior experience is a plus.

How is compensation structured?

Base pay plus performance bonus, reviewed annually, competitive globally.

What tools does the team use?

Modern stack including Python, Kubernetes, GitOps, and industry-leading security platforms.