At Canva, we’re transforming the way the world designs by building a suite of easy-to-use design tools (for graphics, animation, video, and print) in over 100 languages, and across browser-based and mobile platforms.
Since launch in April 2013, we have grown exponentially, amassing over 30 million users in over 100 languages. We are the most valuable technology company in Australia, and one of the world’s fastest-growing technology companies in the world.
We’re a values-driven organization with an engineering mindset to all the work we do. With profitability, a recent valuation of $6bn, and an incredible talent-base, we’re even more driven to continue building out a captivating design experience for users all over the world.
We’re cementing the foundation for the future growth, stability, and safety of our business and users alike as we expand our global footprint with new offices set to open in the United States.
In order to ensure we continue to protect our users and our organization, we’re reinforcing our security capability across the board and growing out of our incident response and core security engineering.
We’re seeking talented individuals who will be responsible shaping what security engineering looks like at Canva and building out capability for analyzing and inspecting our software and systems, performing security assessments, conducting vulnerability testing, and building the tooling to expose areas of risk, and advise our development teams on how to bake security into our products and features.
Actively monitor Canva’s internal and production systems for possible attacks and intrusions
Actively respond to security events from detection through to resolution, including the rollout of solutions to prevent a recurrence
Proactively run threat detection exercises and search for anomalous behavior
Build out and develop the tools and foundations for security incident alerting, management, communication, and response
Maintain incident response documentation, participate in retros, and contribute to incident reports
Assist in the promotion of a security mindset and the establishment of best practices with across a wide range of security areas : secure development, cryptography, network security, security operations, and incident response
Identify trends, research, new technologies, and emerging threats models, which may impact the business
Contribute to projects that enhance the security positioning of the business
A little bit of on-call here and there!
Skills & Experience
First and foremost, have a curious detective mindset - a fascination with puzzles and be driven to solve ambiguous problems with simple solutions
Knowledge of web protocols, common attacks, and deep knowledge of Linux / Unix tools and architecture
Comfortable proficiency a modern programming language such as Python, Java, Golang, etc
Exposure to the cloud! Ideally AWS, but GCP or Azure would be completely fine!
Documentation, communication, and stakeholder management skills; the ability to work alongside technical and non-technical colleagues
The ability to prioritize multiple tasks and projects in a dynamic environment
Previous experience in Security - Engineering, Operations, Incident Response, Analysis, or Threat Research is a bonus, but not a hard requirement
Prior commercial experience in a Systems or Software Engineering role is also a bonus, but not a hard requirement
Competitive salary, plus stock options via our ESOP plan
Flexible daily working hours, we value work-life balance
Breakfast and lunch prepared by our wonderful Vibe team
Onsite-Gym and Yoga Membership
End-of-Trip Facilities : Bicycle parking and showers
Generous parental (including secondary) leave policy
Internal Coaching and an Employee Wellness Program
Sponsored social clubs, team events, and celebrations
Relocation budget for interstate individuals
This role is open to remote applications from folks who reside within Australia.
The Canva workspace is set up for you to do your best work and have a great time doing so, with breakout areas, little nooks, and quiet places to retreat.
If you're seeking professional growth and enjoy working on a product suite that impacts millions of lives every single day - individual and business folks alike - then apply now to be considered for a spot on the team!
We will not under any circumstances be accepting any CVs or resumes from recruitment agencies.