Head of Security Operations
Home based - Americas, EMEA
Canonical Ltd.
Canonical makes open source secure, reliable and easy to use, providing support for Ubuntu and a portfolio of enterprise-grade technologies. Founded in 2004, Canonical operates globally with team members in over 80...This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.
As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.
While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.
The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.
This role reports to the CISO.
What you will do in this role:
- Hire and mentor a team of outstanding technical security professionals
- Define Canonical's SecOps security standards and playbooks
- Own and drive the architecture and design of the SOC
- Analyse and improve Canonical's security architecture
- Evaluate, select and implement new security tools and practices
- Identify, contain and guide the remediation of security threats and cyber attacks
- Grow the presence and thought leadership of Canonical SecOps practice
- Contribute to open source threat intelligence initiatives
- Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
- Develop Canonical SecOps learning and development materials
- Publish blog posts, whitepapers and conference presentations
- Identify, implement and track SecOps KPIs
- Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
- Work with Security leadership to present information and influence change
What we are looking for
- Proven track record of mitigating with advanced threat actors and nation state threats
- Expert technical understanding of SOCs from the ground up
- In depth knowledge of SOC architecture and design including strategies for logging, firewalls, network segmentation, honeypots etc
- Someone who understands how the SOC works not just how to use it
- Expert in Linux security
- Ability to define, implement, automate and measure effective incident response playbooks
- Knowledge of security architecture and market-leading security tools
- Experience contributing to, and consuming, threat intelligence feeds
- Experience in security risk management frameworks such as NIST CSF
- An exceptional academic track record from both high school and university
- Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
- Drive and a track record of going above-and-beyond expectations
- Deep personal motivation to be at the forefront of technology security
- Leadership and management ability
- Excellent business English writing and presentation skills
- Confidence to report security performance metrics with accountability for accuracy and completeness
Optional things we value
- Experience in offensive or defensive security teams with hands-on ability
- Experience with open source security tools
- Experience with security standards such as ISO 27001
- Experience with security posture management of corporate endpoitns
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile CISO Computer Science Firewalls Governance Honeypots Incident response ISO 27001 KPIs Linux NIST Open Source Product security Risk management SecOps SOC STEM Strategy Threat intelligence Ubuntu
Perks/benefits: Team events
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs