Security Engineer - Incident Response & Threat Detection
Sydney, AU
1d ago

At Canva, we’re transforming the way the world designs by building a suite of easy-to-use design tools (for graphics, animation, video, and print) in over 100 languages, and across browser-based and mobile platforms.

Since launch in April 2013, we have grown exponentially, amassing over 30 million users in over 100 languages. We are the most valuable technology company in Australia, and one of the world’s fastest-growing technology companies in the world.

We’re a values-driven organization with an engineering mindset to all the work we do. With profitability, a recent valuation of $6bn, and an incredible talent-base, we’re even more driven to continue building out a captivating design experience for users all over the world.

We’re cementing the foundation for the future growth, stability, and safety of our business and users alike as we expand our global footprint with new offices set to open in the United States.

In order to ensure we continue to protect our users and our organization, we’re reinforcing our security capability across the board and growing out of our incident response and core security engineering.

We’re seeking talented individuals who will be responsible shaping what security engineering looks like at Canva and building out capability for analyzing and inspecting our software and systems, performing security assessments, conducting vulnerability testing, and building the tooling to expose areas of risk, and advise our development teams on how to bake security into our products and features.


  • Actively monitor Canva’s internal and production systems for possible attacks and intrusions
  • Actively respond to security events from detection through to resolution, including the rollout of solutions to prevent a recurrence
  • Proactively run threat detection exercises and search for anomalous behavior
  • Build out and develop the tools and foundations for security incident alerting, management, communication, and response
  • Maintain incident response documentation, participate in retros, and contribute to incident reports
  • Assist in the promotion of a security mindset and the establishment of best practices with across a wide range of security areas : secure development, cryptography, network security, security operations, and incident response
  • Identify trends, research, new technologies, and emerging threats models, which may impact the business
  • Contribute to projects that enhance the security positioning of the business
  • A little bit of on-call here and there!
  • Skills & Experience

  • First and foremost, have a curious detective mindset - a fascination with puzzles and be driven to solve ambiguous problems with simple solutions
  • Knowledge of web protocols, common attacks, and deep knowledge of Linux / Unix tools and architecture
  • Comfortable proficiency a modern programming language such as Python, Java, Golang, etc
  • Exposure to the cloud! Ideally AWS, but GCP or Azure would be completely fine!
  • Documentation, communication, and stakeholder management skills; the ability to work alongside technical and non-technical colleagues
  • The ability to prioritize multiple tasks and projects in a dynamic environment
  • Previous experience in Security - Engineering, Operations, Incident Response, Analysis, or Threat Research is a bonus, but not a hard requirement
  • Prior commercial experience in a Systems or Software Engineering role is also a bonus, but not a hard requirement
  • Benefits

  • Competitive salary, plus stock options via our ESOP plan
  • Flexible daily working hours, we value work-life balance
  • Breakfast and lunch prepared by our wonderful Vibe team
  • Onsite-Gym and Yoga Membership
  • End-of-Trip Facilities : Bicycle parking and showers
  • Generous parental (including secondary) leave policy
  • Pet-friendly offices
  • Internal Coaching and an Employee Wellness Program
  • Sponsored social clubs, team events, and celebrations
  • Relocation budget for interstate individuals
  • This role is open to remote applications from folks who reside within Australia.

    The Canva workspace is set up for you to do your best work and have a great time doing so, with breakout areas, little nooks, and quiet places to retreat.

    If you're seeking professional growth and enjoy working on a product suite that impacts millions of lives every single day - individual and business folks alike - then apply now to be considered for a spot on the team!

    We will not under any circumstances be accepting any CVs or resumes from recruitment agencies.

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form