We’re constantly working towards making Canva the best place to work, for everyone. We believe deeply that bringing together diversity of thoughts, perspectives and expression is key for building the best product for our equally diverse community all around the world. We celebrate uniqueness and whatever makes you, you and encourage everyone who wants to help us transform the way the world designs, to join us on this journey. We value all different types of experiences. If you don’t think you quite meet all of the qualifications, we’d still love to hear from you. About Us
At Canva, our mission is to democratise design and empower creativity for anyone and everyone, on every platform. Inspired by a team of talented thinkers, an amazing culture and a remarkable growth trajectory – we’re out to change the world, one design at a time.
Since launch in August 2013, we have grown exponentially, amassing over 60 million monthly active users across 190 different countries who have created more than 6 Billion designs. We are one of the world’s fastest-growing technology companies and we have only achieved about 1% of what we want to do.
In order to ensure we continue to protect our users and our organization, we’re reinforcing our security capability across the board and growing our incident response and core security engineering teams. We’re seeking talented individuals who will be responsible for shaping what security engineering looks like at Canva by building out our capability for detecting and responding to threats targeting our software and systems, performing security assessments, building the tooling to detect and respond to threats, and advising our development teams on how to bake security into our products and features.
This hands-on role will be primarily focused on the protection and hardening of Canva's network and Canvanaut machines. The role will also help manage and maintain new capabilities to detect theft of confidential data or PII.
- Actively harden Canva’s internal and production systems to prevent or minimize possible attacks and intrusions
- Build out and develop the tools and foundations for secure configuration management for our end-user compute fleet.
- Pro-actively manage & maintain our Data Loss Prevention capabilities
- Assist in the promotion of a security mindset and the establishment of best practices across a wide range of security areas: secure development, cryptography, network security, security operations, and incident response
- Identify trends, research, new technologies, and emerging threats models, which may impact the business
- Contribute to projects that enhance the security of Canva
- First and foremost, have a curious detective mindset and be driven to solve ambiguous problems with simple solutions
- Knowledge of web protocols, common attacks, and deep knowledge of Linux/Unix tools and architecture
- Exposure to the cloud! Ideally AWS, but GCP or Azure would be completely fine!
- Documentation, communication, and stakeholder management skills; the ability to work alongside technical and non-technical colleagues
- The ability to prioritize multiple tasks and projects in a dynamic environment
- Reasonable familiarity with any modern programming or scripting language (Python, Java, Golang, etc.)
Beneficial Experience (helpful, not required)
- Previous experience in Security - Engineering, Operations, Incident Response, Analysis, Insider Threat or Threat Research is a bonus, but not a hard requirement
- Prior commercial experience in a Systems or Software Engineering role is also a bonus, but not a requirement
- Competitive salary, plus stock options via our ESOP plan
- Flexible daily working hours, we value work-life balance
- Breakfast and lunch prepared by our wonderful Vibe team
- Onsite-Gym and Yoga Membership
- End-of-Trip Facilities: Bicycle parking and showers
- Generous parental leave policy
- Pet-friendly offices
- Internal Coaching and an Employee Wellness Program
- Sponsored social clubs, team events, and celebrations
- Relocation budget for interstate individuals to move to Sydney
This role is open to remote applications from folks who reside within Australia or New Zealand.We will not review or consider unsolicited agency CVs.
We make hiring decisions based on your experience, skills and passion. If you’re keen to apply and need reasonable adjustments or would like to note which pronouns you use at any point in the application or interview process, please let us know.