Ubuntu Security Engineer

Role Overview

• Analyzing, fixing, and testing vulnerabilities in open source packages
• Keeping track of vulnerabilities in the Ubuntu ecosystem as they are discovered, researched, and fixed, leveraging internal tools
• Collaborating with other teams in the Ubuntu community and upstream developers, as needed, to exchange or develop vulnerability patches and ensure that Ubuntu includes the most robust security features
• Auditing source code for vulnerabilities
• Building features and tools to help teams strengthen the security of their products and contribute to the overall security of Ubuntu

Requirements

• You have a thorough understanding of the common categories of security vulnerabilities and techniques for fixing them
• You are familiar with coordinated disclosure practices
• You are familiar with open source development tools and methodologies
• You are skilled in one or more of C, Python, Go, Rust, Java, Ruby, PHP or JavaScript/TypeScript
• You have excellent logic, problem-solving, troubleshooting, and decision-making skills
• You can clearly and effectively communicate with the team and Ubuntu community members
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Appreciative of diversity, polite, and effective in a multi-cultural, multi-national organization
• Thoughtfulness and self-motivation
• Result-oriented, with a personal drive to meet commitments

Tech Stack

• Java
• JavaScript
• Linux
• Open Source
• PHP
• Python
• Ruby
• Rust
• TypeScript
• Go

Benefits

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Team Member Assistance Program & Wellness Platform
• Opportunity to travel to new locations to meet colleagues
• Priority Pass and travel upgrades for long-haul company events