Engineering Manager - Security Standards and Hardening at Canonical

Worldwide | Full time | Lead | Apply before Sep 30, 2025

Job Description

Location: Home based - Worldwide (fully remote)

Role summary

Join Canonical as an Engineering Manager focused on security standards, cryptographic modules and system hardening across the Ubuntu platform. You will lead a security-focused engineering team responsible for defining and delivering FIPS, CIS, STIG, FedRAMP and CRA-aligned solutions, and for driving secure-by-default engineering practices across desktops, servers, edge devices, cloud infrastructure, Kubernetes and OpenStack.

What you will do in this role

  • Lead, mentor and develop a team of engineers (from graduate to senior), providing career guidance and performance feedback.
  • Measure and maintain team health indicators and implement disciplined engineering processes.
  • Plan and manage progress on security goals and projects, ensuring timely, high-quality delivery.
  • Represent your team and products to internal stakeholders, partners, customers and the wider community.
  • Develop and evangelise engineering and organisational practices that raise the standard of security across Canonical products.
  • Drive compliance and certification efforts addressing FIPS 140, CIS benchmarks, DISA STIGs, FedRAMP and the new CRA.
  • Lead work on cryptography modules, system hardening and audit/remediation tooling (e.g. Compliance as Code), collaborating with industry partners including CIS and DISA.

What we are looking for in you

We seek an experienced, hands-on security leader with deep knowledge of application and OS security, compliance frameworks and cryptography.

  • Exceptional academic track record from high school and university; undergraduate degree in Computer Science or STEM, or a compelling alternative background.
  • Proven track record of developing engineering talent and delivering secure, compliant products at scale.
  • Prior experience working with FIPS/Common Criteria certified products and in-depth working knowledge of those standards.
  • Experience with DISA-STIG or CIS benchmarks and related audit and remediation tooling.
  • Strong knowledge of software and application security, including hands-on experience with Linux cryptography libraries such as OpenSSL and GnuTLS.
  • Solid experience working in agile development environments and implementing disciplined engineering practices.
  • Excellent verbal and written communication skills in English; professional manner interacting with colleagues, partners and community.
  • Organised, result-oriented, and able to ensure your team delivers timely, high-quality results.
  • Ability and willingness to travel twice a year for company events of up to two weeks each.

Optional things we value

  • Deep familiarity with cryptographic implementations and module validation processes.
  • Experience building compliance-as-code, automation for audits and remediation pipelines.
  • Broad familiarity with cloud, Kubernetes, OpenStack and large-scale Linux deployments.
  • A demonstrated drive for continual learning and an ability to build trust and relationships across teams and partners.

What we offer you

Canonical shapes compensation by geography, experience and performance and offers a benefits package tailored to local requirements. In addition to base pay, eligible roles may receive a performance-driven annual bonus. We provide a remote-first environment and support professional development and wellbeing.

  • Distributed work environment with twice-yearly in-person team sprints.
  • Personal learning and development budget of USD 2,000 per year.
  • Annual compensation review and recognition rewards.
  • Annual holiday leave, maternity and paternity leave.
  • Employee Assistance Programme and wellbeing support.
  • Opportunity to travel to meet colleagues; Priority Pass and travel upgrades for long-haul company events.

About Canonical

Canonical publishes Ubuntu, the world’s most widely used open-source Linux distribution. Our mission is to deliver the best open source platform while setting high standards for software security and reliability. We recruit globally, operate as a remote-first company and partner with cloud providers, silicon vendors and industry bodies to make Ubuntu secure and trustworthy for enterprise deployments.

Inclusion & accessibility

Canonical is an equal opportunity employer. We foster an inclusive workplace free from discrimination. If you require reasonable accommodation for travel or during recruitment relating to a physical disability, please inform us and we will discuss your requirements.

Additional information

Ability to travel twice a year for company events (up to two weeks each).

Requisition ID: 907

How to apply

Apply via Canonical's careers site for this role: https://canonical.com/careers/6215514

About Canonical

Canonical Ltd. is a privately held software company based in London, England. Founded in 2004 by Mark Shuttleworth, Canonical is best known for developing Ubuntu, the world's most popular open-source operating system. The company offers a range of open-source solutions, including cloud infrastructure, edge computing, and AI tools, serving enterprises globally.
