Head of Security Operations

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands‑on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector‑specific governance bodies.This role reports to the CISO.What you will do in this role:Hire and mentor a team of outstanding technical security professionalsDefine Canonical's SecOps security standards and playbooksOwn and drive the architecture and design of the SOCAnalyse and improve Canonical's security architectureEvaluate, select and implement new security tools and practicesIdentify, contain and guide the remediation of security threats and cyber attacksGrow the presence and thought leadership of Canonical SecOps practiceContribute to open source threat intelligence initiativesDrive threat modelling, table top exercises and other SecOps practices across Engineering, IS and CanonicalDevelop Canonical SecOps learning and development materialsPublish blog posts, whitepapers and conference presentationsIdentify, implement and track SecOps KPIsPlan and deliver SecOps work in the framework of Canonical's agile engineering practiceWork with Security leadership to present information and influence changeWhat we are looking forProven track record of mitigating with advanced threat actors and nation state threatsExpert technical understanding of SOCs from the ground upIn depth knowledge of SOC architecture and design including strategies for logging, firewalls, network segmentation, honeypots etcSomeone who understands how the SOC works not just how to use itExpert in Linux securityAbility to define, implement, automate and measure effective incident response playbooksKnowledge of security architecture and market‑leading security toolsExperience contributing to, and consuming, threat intelligence feedsExperience in security risk management frameworks such as NIST CSFAn exceptional academic track record from both high school and universityUndergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative pathDrive and a track record of going above‑and‑beyond expectationsDeep personal motivation to be at the forefront of technology securityLeadership and management abilityExcellent business English writing and presentation skillsConfidence to report security performance metrics with accountability for accuracy and completenessOptional things we valueExperience in offensive or defensive security teams with hands‑on abilityExperience with open source security toolsExperience with security standards such as ISO 27001Experience with security posture management of corporate endpoitns#J-18808-Ljbffr