- Implement and evolveCanonical's SecOps security standards and playbooks
- Analyseand improve Canonical's security architecture
- Evaluate,select and implement new security tools and practices
- Identify, contain and guide the remediation of security threats andcyber attacks
- Grow the presence and thought leadership ofCanonical SecOps practice
- Contribute to open source threatintelligence initiatives
- Drive threat modelling, table topexercises and other SecOps practices across Engineering, IS andCanonical
- Develop Canonical SecOps learning and developmentmaterials
- Publish blog posts, whitepapers and conferencepresentations
- Identify, implement and track SecOps KPIs
- Plan and deliver SecOps work in the framework ofCanonical's agile engineering practice
- Work with Securityleadership to present information and influence change
- Anexceptional academic track record
- Undergraduate degree inComputer Science or STEM, or a compelling narrative about youralternative path
- Drive and a track record of goingabove-and-beyond expectations
- Deep personal motivation tobe at the forefront of technology security
- Expertise inthreat modelling and risk management frameworks
- Knowledgeof security architecture and market-leading security tools
- Experience contributing to, and consuming, threat intelligence feeds
- Experience in security risk management frameworks such asNIST CSF
- Experience with security standards such as ISO
- Experience in a security operations team or a security operationscentre (SOC)
- Experience in offensive or defensive securityteams with hands-on ability
- Experience with state-actor andother advanced persistent threats
- Distributed work environment withtwice-yearly team sprints in person
- Personal learning anddevelopment budget of USD 2, per year
- Annual compensationreview
- Recognition rewards
- Annual holiday leave
- Maternity and paternity leave
- EmployeeAssistance Programme
- Opportunity to travel to new locationsto meet colleagues
- Priority Pass, and travel upgrades forlong haul company events
Staff Security Operations Engineer - London, United Kingdom - in Newbury
Description
We have opened several senior/staff Security Operations Engineer(SOC) positions, creating a new team reporting to the CISO. We arelooking for a range of experience in these positions - at the high endwe are looking for deep experience defending highly contested criticalassets and high-value cyber targets against advanced persistentthreats and state-level actors. We have more junior roles forexceptional individuals with a proven personal interest an engagementin cyber attack and defence, and outstanding academic and careerperformance even if experience is limited.
Our goal is tobuild an entirely new level of assurance and observable rigour intothe open source supply chain. We have our own estate to monitor, butmore broadly our goal is to raise the robustness of the entire globalUbuntu estate through the work of this team.
The SecurityOperations (SecOps) team is responsible for design, implementation andevolution of Canonical security practices, techniques, tools, systemsand policies. The team is the primary owner of strategy and practicesthat determine how Canonical secures its data, internal infrastructureand build processes. They are responsible for assuring the securityand integrity of our own infrastructure and product deployments. Theydesign and implement technical security controls that ensure securitythreats are automatically identified, contained and remediated. Theteam will also contribute ideas and requirements for Canonical productsecurity, improving the resilience and robustness of all Ubuntucustomers and users subject to cyber attack.
The SecOpsteam's mission is not only to secure Canonical, but also to contributeto the security of the wider open source ecosystem. They might shareknowledge through public presentations and industry events, and sharethreat intelligence with the wider community or represent Canonical insector-specific governance bodies.
What you willdo in this role:
What we are looking for
Optional things we value
What we offeryou
We consider geographical location,experience, and performance in shaping compensation worldwide. Werevisit compensation annually (and more often for graduates andassociates) to ensure we recognise outstanding performance. Inaddition to base pay, we offer a performance-driven annual bonus. Weprovide all team members with additional benefits, which reflect ourvalues and ideals. We balance our programs to meet local needs andensure fairness globally.