What you will do in this role:

• Hire and mentor a team of outstanding technical security professionals
• Define Canonical’s SecOps security standards and playbooks
• Analyse and improve Canonical’s security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical’s agile engineering practice
• Work with Security leadership to present information and influence change

What We Are Looking For

• Proven track record of mitigating with advanced threat actors and nation state threats
• Expertise in threat modelling and risk management frameworks
• Ability to define, implement, automate and measure effective incident response playbooks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001
• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Confidence to report security performance metrics with accountability for accuracy and completeness

Optional things we value

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats