Skip to content

Search the site

Canonical, sponsor of the widely used Ubuntu Linux distribution, is looking for a new Chief Information Security Officer (CISO) with the role advertised as fully remote. The Stack is making it our latest Job of the Week*.

We are doing so with the caveat that the privately held company is notoriously firmly controlled by founder and CEO Mark Shuttleworth and a look at Glassdoor suggests some not infrequent gripes about his leadership style. That said, for those with an appetite for a compelling challenge, it’s an exciting opportunity on a very widely used enterprise Linux distribution and associated suite of other popular FOSS software products.

The Canonical CISO will report to the CFO, a somewhat unusual but often compelling reporting line.

The role comes as software providers with large customer bases are increasingly in attackers’ crosshairs as they look to capitalise on the potential of compromising widely used distributions and/or products and services.

See also: Hiring a CISO? Knoweth thou this…

The new Canonical CISO will be responsible for “end to end definition and implementation of the cybersecurity and compliance program” the privately held company said: “They will continue to build a world-leading team of cybersecurity professionals currently in excess of 30 people and work to define and implement process and technical security controls. It is important for the CISO to work closely with the business, infrastructure, product and engineering teams to define and meet cybersecurity and compliance targets…”

The company wants someone who can:

  • Build, develop and lead a high performing cybersecurity and compliance team
  • Advise business and engineering leadership in the implementation of cybersecurity and compliance
  • Present regular reports to Canonical executives and our Board of Directors
  • Integrate an information and cyber security risk management framework
  • Define and deliver a cybersecurity culture and awareness program for employees and partners
  • Define and implement an information assurance framework, ensuring regulatory compliance
  • Monitor and respond to security and privacy incidents
  • Lead the implementation of a secure system development life-cycle

A previous Director of Security’s job description on LinkedIn gives a snapshot of a day-in-the-life, suggesting that the role is likely to encompass both work supporting the security of software products Canonical takes to market, as well as internal corporate infrastructure and users; a diverse and compellingly upstream challenge.

More details and apply here.

*Back after a slight hiatus! Suggestions always welcomed, largely at C-Suite level.

See: Ubuntu Pro is GA: 10 years’ support for OS, optional for 23k packages