About Canonical

Canonical is a pioneering technology company at the forefront of the global shift to open source software. As the publisher of Ubuntu, one of the most influential open-source projects worldwide, Canonical powers critical initiatives in public cloud, data science, AI, engineering innovation, and IoT. Our customers include leading public cloud providers, silicon manufacturers, and industry giants across sectors. With over 1200 colleagues in more than 75 countries, Canonical embodies a founder-led, profitable, and rapidly growing organization. We champion a remote-first culture, with teams collaborating globally and meeting in person two to four times a year in exciting locations to align on strategy and execution.

Canonical's commitment to open source extends to security, where we build dedicated teams to safeguard ecosystems and environments. By contributing to Ubuntu and the broader open source community, we make the digital world safer for enterprises and users alike.

Role Overview

The Ubuntu Security Engineer role at Canonical is an engineering-focused position within our industry-leading security team. You will monitor, triage, respond to, and document vulnerabilities in open source software, collaborating with internal teams and external partners to prioritize and remediate issues. This globally remote role suits candidates from graduate to senior levels, involving security assessments, feature building, code reviews, tool development, community engagement, and participation in industry events.

Expect international travel at least twice yearly for one-week sprints, thriving in a distributed team through self-discipline and motivation. Help protect Ubuntu users and the open source community from emerging threats while advancing your career in a premium tech environment.

Key Responsibilities

• Analyze, fix, and test vulnerabilities in open source packages to ensure robust security.
• Track vulnerabilities across the Ubuntu ecosystem as they are discovered, researched, and resolved using specialized internal tools.
• Collaborate with Ubuntu community teams and upstream developers to exchange or develop patches, integrating the strongest security features into Ubuntu.
• Audit source code proactively to identify potential vulnerabilities.
• Build features and tools that empower teams to strengthen product security and contribute to Ubuntu's overall resilience.

Qualifications & Requirements

We seek engineers with a deep understanding of common security vulnerability categories and proven techniques for mitigation. Familiarity with coordinated disclosure practices and open source development tools is essential. Proficiency in at least one of C, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/TypeScript is required, alongside strong Linux experience—preferably Debian or Ubuntu.

Ideal candidates demonstrate excellent logic, problem-solving, troubleshooting, and decision-making skills. Clear communication with teams and the Ubuntu community is key, complemented by interpersonal strengths like curiosity, flexibility, accountability, and cultural sensitivity in our multi-national organization. Self-motivation, result-orientation, and a drive to meet commitments define success in this role.

Benefits & Perks

Canonical offers competitive, location- and experience-based compensation with annual reviews and performance-driven bonuses. Our global benefits package reflects our values:

• Fully distributed work environment with biannual in-person team sprints in inspiring locations.
• USD 2,000 annual personal learning and development budget.
• Comprehensive annual holiday leave, maternity, and paternity leave.
• Team Member Assistance Program and Wellness Platform for holistic support.
• Recognition rewards for outstanding contributions.
• Priority Pass membership and travel upgrades for long-haul company events, plus opportunities to explore new places while meeting colleagues.

We ensure fairness and balance to meet local needs worldwide.

Career Growth

At Canonical, career progression is dynamic and merit-based. From graduate hires to senior engineers, you'll work with top talent on high-impact projects shaping open source security. Annual compensation reviews, learning budgets, and exposure to global initiatives foster rapid skill development. Engage in code reviews, tool building, and industry events to build expertise. Our remote-first model with strategic in-person alignments supports long-term growth in a collaborative, innovative culture.

Why Join Canonical

Join Canonical to pioneer open source security with Ubuntu at its core. Contribute to a safer world by protecting millions of users in cloud, AI, IoT, and beyond. Thrive in a profitable, growing company with a remote-first ethos, diverse global team, and premium perks. Be part of breakthrough enterprise initiatives, collaborate with industry leaders, and enjoy the freedom of worldwide remote work punctuated by exciting team sprints. Canonical values thoughtfulness, diversity, and results—perfect for driven security engineers passionate about open source.

Role FAQs

Q: Is this role fully remote? Yes, it's a globally remote position with required travel for two one-week sprints annually.

Q: What experience levels are welcome? All levels from graduate to senior; we tailor opportunities to your background.

Q: Do I need specific programming languages? Proficiency in one or more of C, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/TypeScript.

Q: How does Canonical support professional development? With a USD 2,000 yearly learning budget, annual reviews, and hands-on projects.

Q: What makes Canonical's security team unique? We focus on Ubuntu and open source ecosystems, collaborating globally to deliver cutting-edge protections.