Security Software Engineer

Conteúdo da vaga extraído em seções para revisão mais rápida.

Define, implement, and document new security features
Lead security-focused initiatives within a product engineering team
Analyze, fix, and test vulnerabilities in open source software
Contribute to Ubuntu and upstream open source projects to benefit the community
Audit and analyze source code for vulnerabilities
Integrate new tools into our security infrastructure, pipelines, and processes
Achieve and retain various security certifications
Extend and enhance Linux cryptographic components to meet country-specific compliance requirements, such as FIPS and Common Criteria (CC) certifications
Work with external partners to develop Center for Internet Security (CIS) benchmarks
Design and develop hardening automation for Ubuntu
Stay up to date with trends and developments in the security industry
Develop, test, and maintain new software capabilities
Provide guidance and support to other engineering teams on security best practices

An exceptional academic track record from both high school and university
Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
A track record of going above and beyond expectations
Thorough understanding of the common categories of security vulnerabilities and how to fix them
Knowledge of modern software engineering techniques
Familiarity with open source development tools and methodologies
Skill in one or more of C, C++, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/Typescript
Experience as a security champion
Experience driving security within a wider SSDLC process
Professional written and spoken English
Experience with Linux (Debian or Ubuntu preferred)
Excellent interpersonal skills, curiosity, flexibility, and accountability
Passion, thoughtfulness, and self-motivation
Excellent communication and presentation skills
Results-oriented, with a personal drive to meet commitments

Clear and effective communication with both the team and Ubuntu community members
Experience working with the Linux kernel
Experience with security certifications and knowledge of FIPS and/or Common Criteria (CC)
Experience with OVAL (Open Vulnerability Assessment Language)
Knowledge of cryptographic modules such as OpenSSL and Libgcrypt
Knowledge of low-level Linux cryptography APIs
Demonstrated ability to learn quickly
Performance engineering experience