Security Risk Management Specialist at Canonical

Work type: remote

Location: Home based - Worldwide

Type: Full-time

This role is ideal for a mid-level security professional who combines a strong academic background in STEM with deep technical expertise in risk quantification. You should be comfortable moving beyond basic checklists to apply statistical models (like FAIR) and threat modeling to a complex, global open-source environment. It's a high-impact position for someone who wants to shape security standards for Ubuntu and the broader open-source ecosystem.

The most distinctive aspect of this role is the fully remote, "worldwide" work arrangement paired with twice-yearly in-person team sprints at various global locations. While the base salary isn't disclosed, the package includes a performance-based bonus, a $2,000 annual professional development budget, and travel perks like Priority Pass. You'll have the platform to build a personal brand as a thought leader in security risk management.

**You might be a good fit if you:**

* Have practical experience with risk frameworks like FAIR and Secure Development Lifecycle (SDLC).
* Can translate complex technical cyber risks into clear business terms for leadership.
* Enjoy "doing while leading": defining the playbooks while also executing the assessments.
* Thrive in a high-standard, remote-first culture that values rigorous documentation and writing.
