Overview Linux Cryptography and Security Engineer – Canonical This role uses software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely while remaining compliant with international information security standards such as FIPS 140-3 and Common Criteria. You will apply applied cryptography, Linux security, and coding skills to enhance the Ubuntu distribution and collaborate with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu. Responsibilities In the Security Hardening team, develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. Collaborate with internal and external stakeholders to identify gaps in our security frameworks and develop new solutions. Influence team and security culture, facilitate technical delivery, and help drive team direction and execution. Collaborate closely with Canonical’s kernel team and the wider engineering organization to drive features impacting all Ubuntu users. Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) for FIPS and CC certification. Collaborate with external security consultants to test and validate kernel and cryptographic module components. Develop security hardening benchmarks and automate audit and remediation for Ubuntu. Contribute to Ubuntu mainline and upstream projects to land solutions that benefit the community. Communicate and collaborate with internal and external partners to improve security posture, resolve issues, and deliver high-quality solutions on schedule. What we are looking for in you Hands-on experience with low-level Linux cryptography APIs and debugging. Excellent software engineering fundamentals with C development experience. Hands-on experience with Linux system administration and shell scripting. Demonstrated knowledge of security and cryptography fundamentals, plus experience writing secure code and applying best practices. Significant development experience with open source libraries. Excellent verbal and written communication to collaborate with internal and external partners in a remote-first environment. Additional Skills That You Might Also Bring Experience with FIPS/Common Criteria certified products and knowledge of the underlying standards. Experience with DISA-STIG or CIS benchmarks and related audit/remediation tooling (e.g., Compliance as Code). Experience working with the Linux kernel. Experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible. History of contributions to open source projects. What We Offer You Distributed work environment with in-person biannual sprints; remote work is standard. Personal learning and development budget of USD 2,000 per year. Annual compensation review and performance-driven bonus structure. Additional benefits aligned with Canonical values, with fairness and local adaptability. About Canonical Canonical is a pioneering tech firm at the forefront of the global move to open source. We publish Ubuntu and are a leading platform for AI, IoT, and the cloud. We hire globally and set high standards for excellence. Canonical has been remote-first since 2004. We provide a window into the world of 21st-century digital business. Canonical is an equal opportunity employer. We foster a workplace free from discrimination and will consider every qualified applicant fairly. EEO We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background creates a better work environment and better products. Whatever your identity, we will give your application fair consideration. #J-18808-Ljbffr