63 Information Security jobs in Kuwait

3 weeks ago Be among the first 25 applicants

As a Senior Cyber Recovery Consultant, you will provide end-to-end custom consulting, design and implementation support for customers, specifically related to Dell Technologies products. This may include pre-sales kick-offs, consulting, initial design workshops, implementation, customization, integration and outline orientation for the customer. You will work closely with internal and customer resources to ensure a smooth transition from the initial consultation through to integration/production mode. You will be considered a subject matter expert around Cyber Recovery solutions and knowledgeable of industry best practices in the design and implementation of complex Cyber Recovery and Data Protection solutions.

Requirements

• Lead Cyber Recovery solution and proposal development once project goals and objectives have been defined
• Operate as a subject matter expert on Cyber Recovery solutions within the Consulting practice, including managing large customer engagements, delivering technical Cyber Recovery workshops to customers, and interpreting/managing complex Statements of Work (SOW's)
• Have full oversight of Cyber Recovery solutions at all stages of the lifecycle - from initial requirement gathering/validation, through to solution design and delivery
• Plan implementations and advance strategies for new initiatives
  
  

• Excellent technical knowledge of Cyber Recovery and Data Protection solutions
• Experience with Data Protection/Backup Recovery Tools & Architecture (Networker, NetBackup, Veeam, TSM, Commvault, etc.) as well as Data Domain and Avamar Technologies
• Advanced writing skills and demonstrated ability to document processes for the customer
• Advanced communication skills in working with the customer including awareness of stakeholders and ability to influence outcomes
• Advanced knowledge, understanding and application of project management principles and methodologies
• 10-15+ years' experience with the above
  
  

• Strong Understanding of the wider IT landscape including Network, Storage, Compute , Replication, Backup/Recovery Architectures
• Good understanding of TOGAF framework

• Seniority level Mid-Senior level

• Employment type Contract

• Job function Consulting
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at SWATX by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Head of Security Operations role at Canonical

Continue with Google Continue with Google

Join to apply for the Head of Security Operations role at Canonical

Get AI-powered advice on this job and more exclusive features.

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.

While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

This role reports to the CISO.

What you will do in this role:

• Hire and mentor a team of outstanding technical security professionals
• Define Canonical's SecOps security standards and playbooks
• Own and drive the architecture and design of the SOC
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• Proven track record of mitigating with advanced threat actors and nation state threats
• Expert technical understanding of SOCs from the ground up
• In depth knowledge of SOC architecture and design including strategies for logging, firewalls, network segmentation, honeypots etc
• Someone who understands how the SOC works not just how to use it
• Expert in Linux security
• Ability to define, implement, automate and measure effective incident response playbooks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Confidence to report security performance metrics with accountability for accuracy and completeness
  
  

• Experience in offensive or defensive security teams with hands-on ability
• Experience with open source security tools
• Experience with security standards such as ISO 27001
• Experience with security posture management of corporate endpoitns

• Seniority level Director

• Employment type Full-time

• Job function Other, Information Technology, and Management
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Continue with Google Continue with Google

Continue with Google Continue with Google

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Security Operations Engineer role at Canonical

Continue with Google Continue with Google

Join to apply for the Senior Security Operations Engineer role at Canonical

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the WAN Security Engineer role at V2X Inc .

3 days ago Be among the first 25 applicants.

Overview

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Our $3.9B company and 16,000 people work alongside our clients worldwide to tackle complex challenges with integrity, respect, responsibility, and professionalism.

WAN Security Engineers are required to be certified at the expert level in multiple disciplines of networks and security (e.g., CCNP/CCIE & CISSP). They support enterprise-class network security technologies including firewalls, web proxy appliances, VPN appliances, C2C, and NAC solutions. Responsibilities include design, troubleshooting, optimization, administration, change management, and documentation of core network technologies such as Cisco Firepower NGFW, Cisco FMC, Menlo CBII, Forescout Enterprise Manager, and Cisco ISE.

This position offers company-paid housing and transportation, a completion bonus, and tuition reimbursement. Candidates must meet all host country employment requirements.

Responsibilities

• Provide enterprise-level support for network firewall access modifications, troubleshoot web browsing issues, and support DMZ-hosted services.
• Recommend network security policies, plan projects, manage changes, and oversee firewall and ACL management.
• Enforce security policies and investigate malicious network activity.
• Ensure compliance with DISA STIGs and perform system maintenance for vulnerabilities and compliance.
• Manage proxy web filtering policies and analyze logs for irregularities.
• Support AAA & auditing in Cisco ISE, and assist with C2C infrastructure and Zero Trust architecture.
• Monitor network device health, maintain network diagrams, and manage requests via ServiceNow.
• Perform additional duties as assigned.

Qualifications

• Active Secret Security Clearance.
• Bachelor's degree or equivalent experience in related fields.
• Adherence to DoD 8570.01M with at least one baseline and one CE certification (e.g., CCNP Security, CISSP).
• Minimum 10 years of experience with network and firewall technologies, VPN, TCP/IP troubleshooting.
• Proficiency with Cisco Firepower, FMC, Menlo CBII, Forescout, Cisco ISE, and related platforms.
• Strong technical, managerial, and analytical skills, with excellent communication and organizational abilities.

We value diversity and are an Equal Opportunity Employer. All qualified applicants will be considered without regard to race, color, religion, age, sex, national origin, veteran status, or disability.

Geo Owl is currently looking for a Mid-Level OSINT Analyst to support our DOD contract opportunity deployed to the USCENTCOM area of operations. This is a full-time deployed position where you will work with cutting-edge technology on intelligence requirements of national importance. You will be part of a mission-focused team providing intelligence support to senior government decision makers. At Geo Owl, we prioritize our people to enable them to achieve great things for our customer's mission. Join the team now!

If interested, apply now or contact one of our recruiters.

TS/SCI

Kuwait

Requirements: Must meet all the requirements listed below.

• You must be a US Citizen with an active TS/SCI Security Clearance
• Education – Associates Degree AND four years of relevant experience in Intelligence Operations OR equivalent experience PLUS
• Experience – at least four years of current All-Source analysis and/or Open Source Intelligence experience or related field analysis with the following MOS: 35F, 350F, USMC 0231, AF 1N0X, 14N3, or other DoD or Government agency equivalent
• Ability to clearly communicate intelligence findings from fused Open Source Intelligence data to senior decision makers
• Willingness to deploy for at least 12 months to the CENTCOM AOR and work 7 days a week as part of a mission-focused team
• Passport and driver’s license
• Ability to pass medical physical and show proof of fitness to deploy
• Special skills or qualifications: Expert knowledge of All-Source analysis and production operations; excellent written and oral communication skills; ability to manage research and coordination for projects

• Health Insurance (Geo Owl pays 80%+ of the premium)
• 401k matching
• Dental, Vision, and other supplemental insurance plans available
• Company-paid short-term and long-term disability and life insurance
• Peer-to-Peer spot bonuses
• 120 hours of PTO per year plus federal holidays
• Fully Paid Military Leave: You make your full Geo Owl salary while on military duty
• Exiting the Military? Apply to our Military Transition Program for insights into transitioning to civilian life

Our mission is to empower EVERYONE with geospatial technologies.

Geo Owl is a premier provider of geospatial intelligence services, delivering solutions to the Department of Defense, intelligence agencies, and enterprises worldwide. Our services include advanced geospatial analysis, imagery intelligence, remote sensing analysis, data science, and space-based custom intelligence solutions. We are dedicated to leveraging the latest analytic principles and technology to support our clients' missions.

Our core values—innovation, integrity, and excellence—drive everything we do. We are committed to pushing the boundaries of geospatial intelligence to provide the most accurate, timely, and actionable intelligence. We uphold the highest standards of ethics and accountability, striving to exceed expectations in every project.

Our culture is built on collaboration, continuous learning, and respect. We foster an environment for personal and professional growth, supported by passionate, dedicated experts. We value work-life balance and offer flexible working arrangements.

We invest in our employees' growth through ongoing training, career advancement, and impactful projects. Our team enjoys camaraderie and purpose, knowing their work contributes to national security and global stability. If you seek a dynamic, rewarding career in geospatial intelligence, Geo Owl is the place for you. Join us and shape the future of geospatial intelligence.

(Insert CEO message here)

(Insert principles here)

Geo Owl is an equal opportunity employer and does not discriminate on the basis of race, color, religion, creed, sex, age, sexual orientation, national origin, disability, marital status, military status, genetic predisposition, or any other protected class.

Follow Geo Owl on LinkedIn !

Join to apply for the Threat Intelligence Lead role at Canonical

3 months ago Be among the first 25 applicants

Join to apply for the Threat Intelligence Lead role at Canonical

Get AI-powered advice on this job and more exclusive features.

The Threat Intelligence Lead will own Canonical's threat intelligence strategy and execution, including understanding of which cyber threat actors are targeting Canonical, and the use of intelligence on Tactics, Techniques and Procedures (TTP) to better our products and internal cybersecurity controls. You will collaborate with internal stakeholders as well as with the wider cybersecurity community, making sure that Canonical is recognised as a thought leader on open source threat intelligence.

This role will report to the CISO.

You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You'll study attack trends across the wider open source software landscape, report findings to internal security teams, and advise the wider engineering community on the best course of action to detect and mitigate possible threats.

As the publisher of Ubuntu, Canonical products are directly or indirectly present in almost every organisation and household in the world, making them a prime target for threat actors. This team's mission is to help Canonical, and by extension countless community members and companies around the world, secure their software infrastructure.

What you'll do in this role

• Build and own Canonical's threat intelligence strategy
• Build and maintain OSINT research environments
• Develop OSINT tradecraft, principals, and techniques
• Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasets
• Collaborate across teams to inform on activity of interest
• Coordinate adversary/campaign tracking
• Contribute to the wider threat intelligence community, establishing Canonical as a key contributor and thought leader in the space
• Work with product and engineering teams to explain cybersecurity threats and advise on mitigation strategies
• Work with the OPSEC and IS team to help implement/update security controls prioritising cyber defence
• Identify intelligence gaps and propose new tools and research projects to fill them
• Conduct briefings for executives, internal stakeholders and external customers
  
  

• An experienced threat intelligence leader (or similar)
• Knowledgeable about the current open source threat landscape and computer networking/infrastructure concepts
• Highly competent with OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc.)
• Able to identify, organise, catalogue, and track adversary tradecraft trends — often with incomplete data
• Experienced using threat intelligence data to influence enterprise architecture or product development decisions
• An excellent communicator with the ability to clearly articulate and tailor technical content to a variety of audiences
• Able to travel twice a year, for company events up to two weeks long
  
  

• A professional portfolio of OSINT related scripts, tools, or frameworks
• Demonstrated involvement in the larger OSINT community (please share relevant links)
• Degree qualified, with a bachelor's degree in computer science, information security, or a related field
• Certifications in related areas (e.g. GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc)
• Experience in a tech company or government/military signal intelligence departments
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Supports United States Army Regional Cyber Center – Southwest Asia (USARCC-SWA) networks with day-to-day operations in support of (ISO) Computer Network Defense (CND), to deny adversaries access to information and information systems (IS). Operate and maintain (O&M) active and passive defense technologies, to troubleshoot, optimize, and administer network Intrusion Detection/Prevention Systems (IDS/IPS). Adheres to Change Management (CM) policies, provides technical documentation, and follows the Risk Management Framework (RMF) by implementing, assessing, and monitoring Defense Information Systems Agency (DISA) provided Secure Technical Implementation Guides (STIGs). Program: OMDAC-SWACA

This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program!

You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position.

Responsibilities

Provide Network IDS/IPS O&M in support of (ISO) the Army portion of the Department of Defense Information Network (DoDIN) in the United States Central Command (US CENTCOM) Area of Responsibility (AOR).

Monitor and implement Joint Forces Headquarters (JFHQ-DoDIN), United States Army Cyber Command (ARCYBER), and US Army Network Enterprise Technology Command (NETCOM) Operation Orders (OPORD), Task Orders (TASKORD), and Communication Tasking Orders (CTOs).

Block Internet Protocol (IP) networks when directed by the customer.

Investigate network and Automated Information System (AIS) security events.

Manage customer trouble tickets using automated standardized system. Record customer requests for assistance electronically. Provides record of immediate resolution or escalates for resolution of particularly difficult and complex problems. Ensures that problem resolution is recorded electronically to assist addressing subsequent occurrences of problems.

Consults with other IT Specialists to identify defects in performance and provides administrative and technical assistance to the USARCC-SWA Team.

Generate reports for leadership detailing traffic analysis, and security events.

Create, implement, and monitor custom Snort version 2 and 3 IPS signatures.

Apply vendor provided signature and software updates while adhering to CM policies.

Perform in depth analysis utilizing the Security Incident and Event Management (SIEM).

Participate in CND exercises as requested by the customer to maintain site accreditation.

Interprets and implements Department of Defense (DoD), Army, and local Command policies, directives, manuals, instructions, regulations and guidelines for data, and system security including DISA STIGs and Security Requirements Guides (SRGs).

Maintains current DoD Cyberspace Workforce Framework (DCWF) certifications per DoD 8570.01-M, and other cybersecurity requirements.

Perform any additional duties as required/assigned.

Qualifications :

Security Clearance:

Requires an active Secret Clearance

Education / Certification: One-year related experience can be substituted for one year of education if the degree is required.

High school diploma required or equivalent

This position requires candidates to adhere to DoD 8570.01. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification.

The authorized certifications for this job title are listed as follows:

IAT Level: Information Technology (IT) I / Information Assurance Technical (IAT) III

BASELINE:

Cisco: CCNP Security

CompTIA: CASP+ ce: Advanced Security Practitioner

CompTIA: CySA+ ce: Cybersecurity Analyst

ISACA: CISA: Certified Information Systems Auditor

ISC2: CCSP: Cloud Certified Security Practitioner

ISC2: CISSP (or Associate): Certified Information Systems Security Professional

COMPUTING ENVIRONMENT (CE):

Cisco: CCIE: (Any)

Cisco: CCNP: Certified Network Professional: (Any)

EC-Council: CEH: Certified Ethical Hacker

EC-Council: CHFI: Certified Hacking Forensic Investigator

EC-Council: CND: Certified Network Defender

Experience :

Requires a minimum of seven (7) years of experience in telecommunications sector.

Company Industry

• Facilities Management

Department / Functional Area

• Communications Engineering

Keywords

• Network Information Assurance

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

Vectrus is a leading provider of global service solutions in the areas of Infrastructure Asset Management, Information Technology and Network Communication services, and Logistics and Supply Chain Management services.
Since 1945, we've succeeded by tackling some of the world's most difficult challenges. Our management team averages 28 years of experience in the military and industry, and our globally diverse workforce, including more than 30% of our employees reporting a military background, provide us with highly resourceful and experienced problem solvers. We currently operate in 15 countries across four continents, in both stable and unstable environments, employing approximately 5,000 people and managing more than 7,250 subcontractor personnel.
Vectrus brings together the best people and performance needed to get the job done. We are "true to your mission."

Join to apply for the Ubuntu Security Engineer role at Canonical

3 days ago Be among the first 25 applicants

Join to apply for the Ubuntu Security Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution.

The company is founder-led, profitable, and growing.

Canonical is building a team dedicated to providing security coverage across a wide range of ecosystems and environments, working to make the world a better, safer place. We are hiring an Ubuntu Security Engineer to join an industry-leading security engineering team and help protect the open source community and Ubuntu users from emerging threats. We are looking for candidates across all levels of experience, from Graduate to Senior.

As part of the Ubuntu Security Team, you will work with some of the best and brightest people in technology to monitor, triage, respond to, and document new and existing vulnerabilities in open source software. You will collaborate with internal teams and external partners to identify issues, prioritize them, and coordinate remediation.

This is an engineering-focused role that may also involve activities such as producing security assessments, building features, conducting code reviews, developing internal tools, engaging with the open source community, and participating in industry initiatives and events.

This role requires international travel at least twice a year, usually for one week. It also requires the ability to be productive in a globally distributed team through self-discipline and self-motivation.

Location: Worldwide, this is a globally remote role

The role entails

• Analyzing, fixing, and testing vulnerabilities in open source packages
• Keeping track of vulnerabilities in the Ubuntu ecosystem as they are discovered, researched, and fixed, leveraging internal tools
• Collaborating with other teams in the Ubuntu community and upstream developers, as needed, to exchange or develop vulnerability patches and ensure that Ubuntu includes the most robust security features
• Auditing source code for vulnerabilities
• Building features and tools to help teams strengthen the security of their products and contribute to the overall security of Ubuntu
  
  

• You have a thorough understanding of the common categories of security vulnerabilities and techniques for fixing them
• You are familiar with coordinated disclosure practices
• You are familiar with open source development tools and methodologies
• You are skilled in one or more of C, Python, Go, Rust, Java, Ruby, PHP or JavaScript/TypeScript
• You have excellent logic, problem-solving, troubleshooting, and decision-making skills
• You can clearly and effectively communicate with the team and Ubuntu community members
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Appreciative of diversity, polite, and effective in a multi-cultural, multi-national organization
• Thoughtfulness and self-motivation
• Result-oriented, with a personal drive to meet commitments
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Team Member Assistance Program & Wellness Platform
• Opportunity to travel to new locations to meet colleagues
• Priority Pass and travel upgrades for long-haul company events
  
  

• Seniority level Entry level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Linux Cryptography and Security Engineer role at Canonical

3 days ago Be among the first 25 applicants

Join to apply for the Linux Cryptography and Security Engineer role at Canonical

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant to international information security standards such as FIPS 140-3 and Common Criteria. You will use your applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and work with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

As a member of the Security Hardening team you will work with and develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will interact with internal and external stakeholders to identify gaps in our frameworks, and develop new solutions to address these challenges. In this role you will have the opportunity to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll collaborate closely with Canonical's kernel team as well as the wider engineering organization to drive features impacting all Ubuntu users.

Day-to-day responsibilities

• Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications
• Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification
• Collaborate with external security consultants to test and validate kernel and crypto module components
• Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu
• Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community
• Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule
  
  

• Hands-on experience with low-level Linux cryptography APIs and debugging
• Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
• Hands-on experience with Linux system administration and shell scripting
• Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
• Significant development experience working with open source libraries
• Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment
  
  

• Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
• Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
• Experience working directly with Linux Kernel
• Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
• History of contributions to open source projects
  
  

• Distributed work environment with twice-yearly team sprints in person - we've been working remotely since 2004!
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues from your team and others
• Priority Pass for travel and travel upgrades for long haul company events
  
  

• Seniority level Entry level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.