As part of the Ubuntu team, you will work with the best and brightest people in technology to monitor, triage, respond to and document new and existing vulnerabilities in open source software. The role will involve collaboration with internal teams and external partners, to identify and prioritize issues and track progress.
The role can also include a number of other activities, including security assessment and code review, internal tooling developments, community engagement, security hardening and feature development and industry collaboration participation.
This job involves international travel several times a year, usually for one week and requires the ability to be productive in a globally distributed team through self-discipline and self-motivation.
What You'll Do
- Analyze, fix, and test vulnerabilities in Ubuntu packages
- Keep track of vulnerabilities in Ubuntu releases as they are discovered, researched and fixed (using internal software tools)
- Collaborate with other teams in the Ubuntu community and with upstream developers where appropriate, to exchange or develop vulnerability patches and make sure that Ubuntu includes the very best security features
- Audit source code for vulnerabilities
- You have a thorough understanding of the common categories of security vulnerabilities and techniques for fixing them
- You are familiar with coordinated disclosure practices
- You are familiar with open source development tools and methodologies
- You are skilled in one or more of C, Python, go, Rust, Java, Ruby or PHP
- You have excellent logic, problem-solving, troubleshooting, and decision-making skills
- You can clearly and effectively communicate with the team and Ubuntu community members