Linux Cryptography and Security Engineer

Linux Cryptography and Security Engineer We are looking for an experienced engineer to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant with international information security standards such as FIPS 140-3 and Common Criteria. You will enhance Ubuntu distribution, collaborate with organizations such as DISA and CIS to draft and implement security hardening benchmarks, and audit deployed systems for DISA‑STIG and CIS benchmark compliance. Responsibilities Collaborate with the Security Hardening team to achieve and retain various security certifications. Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) to meet FIPS and Common Criteria certification requirements. Work with external security consultants to test and validate kernel and crypto module components. Develop security hardening benchmarks and audit‑remediation automation for Ubuntu. Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community. Communicate and collaborate within and outside Canonical to identify opportunities to improve our security posture, resolve issues quickly, and deliver high‑quality solutions on schedule. Qualifications Hands‑on experience with low‑level Linux cryptography APIs and debugging. Excellent software engineering fundamentals, prior experience with C development, and the ability to demonstrate such experience. Hands‑on experience with Linux system administration and shell scripting. Demonstrated knowledge of security and cryptography fundamentals and direct experience writing secure code and implementing best practices. Significant development experience working with open source libraries. Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote‑first environment. Additional Skills That You Might Also Bring Prior experience working on FIPS / Common Criteria certified products and in‑depth knowledge of the underlying standards. Prior experience working directly with DISA‑STIG or CIS benchmarks, including audit‑remediation tooling such as Compliance as Code. Experience working directly with the Linux kernel. Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible. History of contributions to open source projects. Benefits Distributed work environment with twice‑yearly team sprints in person; remote work since 2004. Personal learning and development budget of USD 2,000 per year. Annual compensation review. Recognition rewards. Annual holiday leave. Maternity and paternity leave. Employee Assistance Programme. Opportunity to travel to new locations to meet colleagues from your team and others. Priority Pass for travel and upgrades for long‑haul company events. About Canonical Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world daily. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence – to succeed we need to be the best at what we do. Canonical has been a remote‑first company since its inception in 2004. Canonical is an equal opportunity employer We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration. #J-18808-Ljbffr