Remote Jobs, Job Vacancies, Latest Openings, Software Engineering Jobs,
Threat Intelligence Lead
- You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You’ll study attack trends across the wider open source software landscape, report findings to internal security teams, and advise the wider engineering community on the best course of action to detect and mitigate possible threats.
- As the publisher of Ubuntu, Canonical products are directly or indirectly present in almost every organisation and household in the world, making them a prime target for threat actors. This team’s mission is to help Canonical, and by extension countless community members and companies around the world, secure their software infrastructure.
What you’ll do in this role
- Build and own Canonical’s threat intelligence strategy
- Build and maintain OSINT research environments
- Develop OSINT tradecraft, principals, and techniques
- Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasets
- Collaborate across teams to inform on activity of interest
- Coordinate adversary/campaign tracking
- Contribute to the wider threat intelligence community, establishing Canonical as a key contributor and thought leader in the space
- Work with product and engineering teams to explain cybersecurity threats and advise on mitigation strategies
- Work with the OPSEC and IS team to help implement/update security controls prioritising cyber defence
- Identify intelligence gaps and propose new tools and research projects to fill them
- Conduct briefings for executives, internal stakeholders and external customers
The successful Threat Intelligence Lead will be
- An experienced threat intelligence leader (or similar)
- Knowledgeable about the current open source threat landscape and computer networking/infrastructure concepts
- Highly competent with OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc.)
- Able to identify, organise, catalogue, and track adversary tradecraft trends — often with incomplete data
- Experienced using threat intelligence data to influence enterprise architecture or product development decisions
- An excellent communicator with the ability to clearly articulate and tailor technical content to a variety of audiences
- Able to travel twice a year, for company events up to two weeks long
Desired Characteristics
- A professional portfolio of OSINT related scripts, tools, or frameworks
- Demonstrated involvement in the larger OSINT community (please share relevant links)
- Degree qualified, with a bachelor’s degree in computer science, information security, or a related field
- Certifications in related areas (e.g. GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc)
- Experience in a tech company or government/military signal intelligence departments
Security Risk Management Specialist
- The security risk management team’s mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.
What you will do in this role:
- Define Canonical’s security risk management standards and playbooks
- Analyse and improve Canonical’s security risk practices
- Evaluate, select and implement new security requirements, tools and practices
- Grow the presence and thought leadership of Canonical security risk management practice
- Develop Canonical security risk learning and development materials
- Work with Security leadership to present information and influence change
- Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs
- Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)
- Participate in risk management, decision-making, and collaborative discussions
- Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes
- Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action
- Develop templates and materials to help with self-service risk management actions
- Monitor and identify opportunities to improve the effectiveness of risk management processes
- Launch campaigns to perform security assessments and help mitigate security risks across the company
- Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities.
What we are looking for
- An exceptional academic track record
- Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
- Drive and a track record of going above-and-beyond expectations
- Deep personal motivation to be at the forefront of technology security
- Leadership and management ability
- Excellent business English writing and presentation skills
- Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
- Expertise in threat modelling and risk management frameworks
- Broad knowledge of how to operationalize the management of security risk
- Experience in Secure Development Lifecycle and Security by Design methodology
Software Engineer – Cross-platform C++ – Multipass
What you will focus on
- Ensure Multipass is easy and intuitive to use
- Architect new features and design the user experience
- Write high-quality code to create new features and fix bugs
- Review code and architecture as part of Canonical’s engineering process
- Collaborate proactively with a distributed team
- Debug, track down and fix issues encountered by our users
- Foster the open source community and support customers when needed
- Travel internationally for up to two weeks, twice a year, for company events
What we are looking for in you
- Cross-platform development experience on macOS and/or Windows
- Expertise in modern C++ development
- Experience with software testing and test-driven development
- Extremely high personal standards for code quality, testing and design
- Knowledge of hypervisor technologies such as Hyper-V, VirtualBox, KVM, and QEMU
- Open source experience and involvement
- Knowledge of CI systems a plus
- Capacity to learn quickly about new systems and techniques
- Excellent communication skills in English – both verbal and written
- Bachelor’s or equivalent in Computer Science, STEM or similar degree
Information Systems Security Compliance Engineer
This role can be home or office based. Periodic international travel for training and business meetings is required.
Key responsibilities:
- Collaborate with IT operations, Legal, Security, and Engineering teams to define and implement policies and procedures
- Help to design and implement controls to strengthen the company’s Security Posture
- Collaborate with various teams to ensure security standards are met across all projects
- Assess vulnerabilities/risks that could affect the integrity, availability, or confidentiality of data, systems, or services of the company and provide mitigation solutions
- Conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions
- Ensure controls are configured correctly and integrated into the security strategy
- Collaborate with internal teams to respond to Security Questionnaires, Contract Compliance and Security & Compliance posture questions from customers
- Provide guidance and support to internal stakeholders regarding security & compliance practices
- Collaborate with internal teams to gather evidence for external audits
- Participate in the creation and or maintenance of the Information Security Management System
- Maintain an up-to-date knowledge on Security standards, best practices and trends to ensure ongoing compliance
Required skills and experience:
- 2+ years of experience within a security and compliance function
- Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices
- Experience with security controls implementation, configuration and maintenance
- Experience with vulnerability management tooling, remediation, and processes
- Experience with coding/scripting in one or more languages (Python, C, C++, Java)
- Experience with Linux operating systems (Ubuntu preferred)
- Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography
- Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA.
- Experience with third party and external audits
IMPORTANT: Write a Perfect Cover Letter in minutes and start getting interviews! Get expert advice as you write.) Use These Examples Proven to Work.
Valuable experience:
- Bachelor’s degree (or equivalent) in Computer Science, Information Systems, or related field
- Affinity with Open Source software with regards to compliance
- Knowledge of designing and implementing security processes and solutions with topics ranging from architecture, governance, compliance, and operations
- Technical or engineering background, including software development, scripting, networking, and cloud architecture
Chief of Staff, Global Support Services
What your day will look like
- Work with department leadership to shape long term strategies for the department
- Understand, report and manage organisation and team level KPIs
- Prioritise growth initiatives and safeguard current operations
- Manage the strategic agenda of the leadership team
- Run leadership team meetings
- Ensure a strong, candid team dynamic with productive, professional dialogue
- Be a strategic adviser, confidant and proxy for the VP of Global Support
- Clarify and oversee connection points and initiatives across departments
- Optimise processes by looking for and addressing gaps and inefficiencies
- Travel internationally twice a year for up to straight two weeks for company events
What we are looking for in you
- You are an articulate communicator and master organiser
- You love open source software and working with brilliant people
- You enjoy getting all the details right and running a smooth organisation
- You’re a proven generalist and follow industry trends and new technologies
- You understand and value getting things done the right way
- You value soft skills and are passionate, enterprising, thoughtful, and self-motivated
- You’ve worked with Linux, with a preference towards Ubuntu
- You are familiar with public and private cloud platforms