This CISO role is for a global cybersecurity leader with a passion for Linux and open source to help define the way Canonical secures its corporate infrastructure, designs its products and assures regulatory compliance.

This role will be responsible for the end to end definition and implementation of the cybersecurity and compliance program. They will continue to build a world-leading team of cybersecurity professionals currently in excess of 30 people and work to define and implement process and technical security controls. It is important for the CISO to work closely with the business, infrastructure, product and engineering teams to define and meet cybersecurity and compliance targets.

This role reports to our CFO.

Key responsibilities

• Define a cybersecurity strategy and operating model that is aligned with our business objectives
• Develop and track a clear, measurable cybersecurity plan
• Assume responsibility for Canonical's information security and compliance program
• Build, develop and lead a high performing cybersecurity and compliance team
• Advise business and engineering leadership in the implementation of cybersecurity and compliance
• Present regular reports to Canonical executives and our Board of Directors
• Integrate an information and cyber security risk management framework
• Define and deliver a cybersecurity culture and awareness program for employees and partners
• Define and implement an information assurance framework, ensuring regulatory compliance
• Monitor and respond to security and privacy incidents
• Lead the implementation of a secure system development life-cycle

Valued skills and experience

• A bachelor's degree in computer science, information technology, or a related field; MBA preferred
• Substantial experience in risk management, information security, or incident response
• Experience implementing a cybersecurity and compliance program in an engineering organization
• Experience building and leading a cross functional cybersecurity and compliance team
• Proven ability to define, implement and measure effective incident response playbooks and a cybersecurity culture program
• Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST
• Knowledge of international privacy laws and financial reporting requirements
• Understanding of current legislation and regulations relevant to our organization
• Excellent project management and leadership skills
• Excellent communication skills
• Familiarity with cloud native technologies and agile development methodologies a plus
• Past experience leading the incident response to a large scale cyber security threat a plus

What Canonical offers:

• Personal learning and development budget
• Annual compensation review
• Recognition rewards
• Annual leave
• Priority Pass for travel