Oct 13, 2021

Audit Manager - Security Governance, Risk & Compliance

  • Canva
  • Sydney NSW, Australia

Job Description

We’re constantly working towards making Canva the best place to work, for everyone. We believe deeply that bringing together diversity of thoughts, perspectives and expression is key for building the best product for our equally diverse community all around the world. We celebrate uniqueness and whatever makes you, you and encourage everyone who wants to help us transform the way the world designs, to join us on this journey. We value all different types of experiences. If you don’t think you quite meet all of the qualifications, we’d still love to hear from you.  

About Us
At Canva, our mission is to democratise design and empower creativity for anyone and everyone, on every platform. Inspired by a team of talented thinkers, an amazing culture and a remarkable growth trajectory – we’re out to change the world, one design at a time. 

Since launch in August 2013, we have grown exponentially, amassing over 60 million monthly active users across 190 different countries who have created more than 6 Billion designs. We are one of the world’s fastest-growing technology companies and we have only achieved about 1% of what we want to do.

About the Audit Manager
At Canva, we’re looking to ensure that the way we handle information security across the organisation is in tip-top shape, which is why the effectiveness of our audit activities is critical. As an Audit Manager, it is your mission to work closely with both staff across the organisation and with our audit partners to ensure that our audit activities run smoothly. You’ll also work with teams to improve the way that they record and measure the effectiveness of their own security activities so that both we and our customers can have the utmost confidence in our security control environment.

About the Security Group
The Security Group is responsible for protecting Canva systems and data from information security threats. Our teams work together, and with other groups, to deliver preventive and detective controls and processes that reduce security risk. The group runs programs across Identity and Access Management, Application Security, Governance, Risk and Compliance, and Threat Detection and Response domains.  

Key Responsibilities

  • Planning and coordinating internal and external security audit activities.
  • Identifying and preparing Canva staff from across the organisation for participation in audits.
  • Working closely with our audit partners during the audit process.
  • Coordinating the collection of audit evidence.
  • Recording audit findings and working with relevant Canva staff to update the status of improvements and remedial actions.
  • Providing input into management reporting.
  • Working with teams to improve testing and metrics methodologies to evaluate the effectiveness of controls.
  • Identifying and implementing measures to improve the operation of our audit activities.

Required Experience

  • Minimum 3 years experience in coordinating internal and external audits.
  • Experience with coordinating stakeholders across all levels of an organisation.  
  • Familiarity with industry IT risk management and security certifications and standards (ISO 27001, SOC 2, PCI DSS).
  • Strong verbal and written communication skills.
  • Experience working closely with both technical and non-technical teams.
  • Experience navigating complex environments.
  • Experience building new and scalable processes.
  • A high level of attention to detail.
  • A continuous improvement mindset.

Beneficial Experience (not required, but helpful)

  • Familiarity with Amazon Web Services and the security offerings and controls that they provide.
  • Experience with Atlassian Jira, Confluence.

Benefits & Total Rewards

  • Competitive salary, plus stock options via our ESOP plan
  • Flexible daily working hours, we value work-life balance
  • Breakfast and lunch prepared by our wonderful Vibe team
  • Onsite-Gym and Yoga Membership
  • End-of-Trip Facilities: Bicycle parking and showers
  • Vibe and Thrive Allowance to support health and wellness
  • Generous parental (including secondary) leave policy
  • Pet-friendly offices
  • Internal Coaching and Employee Support Programs
  • Sponsored social clubs, team events, and celebrations
Sorry, we will not accept CVs from recruitment agencies. Please apply directly to be eligible.

We make hiring decisions based on your experience, skills and passion. If you’re keen to apply and need reasonable adjustments or would like to note which pronouns you use at any point in the application or interview process, please let us know.