Oct 13, 2021

Security Engineering Manager - AppSec & IAM

  • Canva
  • Sydney NSW, Australia

Job Description

We’re constantly working towards making Canva the best place to work, for everyone. We believe deeply that bringing together diversity of thoughts, perspectives and expression is key for building the best product for our equally diverse community all around the world. We celebrate uniqueness and whatever makes you, you and encourage everyone who wants to help us transform the way the world designs, to join us on this journey. We value all different types of experiences. If you don’t think you quite meet all of the qualifications, we’d still love to hear from you.  

About Us
At Canva, our mission is to democratise design and empower creativity for anyone and everyone, on every platform. Inspired by a team of talented thinkers, an amazing culture and a remarkable growth trajectory – we’re out to change the world, one design at a time. 

Since launch in August 2013, we have grown exponentially, amassing over 60 million monthly active users across 190 different countries who have created more than 6 Billion designs. We are one of the world’s fastest-growing technology companies and we have only achieved about 1% of what we want to do.

About Security Engineering Managers
At Canva, we’re all constantly striving towards our Crazy Big Goals! As the features and services of our product suite evolve, we’re setting some large and ambitious goals. We need to be able to ship robust and secure features without sacrificing speed and scale of delivery, which is where our Security Engineering Managers come in. 

As a Senior Security Engineering Manager, it is your mission to lead teams of talented security engineers to make delivering secure products and features the easiest path for software engineers to follow. You will define security strategies and roadmaps for your services, and support your teams to solve complex security problems at scale.
 
About the Security Group
The Security Group is responsible for protecting Canva systems and data from information security threats. Our teams work together, and with other groups, to deliver preventive and detective controls and processes that reduce security risk. The group runs programs across Identity and Access Management, Application Security, Risk Management, and Threat Detection and Response domains.  

What you'll be doing

  • Drive delivery of Application Security and Identity and Access Management solutions for our large-scale, cloud-native and SaaS application stack, from ideation to completion within start-up time frames, to securely support Canva’s rapid growth
  • Support a security-first engineering culture by making the optimally secure solution the easiest one for software engineering teams to use 
  • Driving technical strategy and providing leadership to your team in a fast-paced, innovation-focused environment
  • Foster a culture of communication, bridging the communication gap between teams, group, and company leadership
  • Invest in working with engineers on growth and development opportunities to help further their skillset and grow into new roles, with an ability to deliver relevant and timely feedback (positive & constructive) to help them to continuously improve and learn
  • Be heavily involved in hiring; build and grow high-performing and highly engaged teams of world-class engineers by attracting, interviewing, and selecting talent for your group
  • Coordinating and communicating across various specialties and parts of the business to understand the impact and feasibility of strategy goals within the group
  • Drive delivery of large, cross-team and cross-group initiatives and projects from ideation to completion.

Required Experience

  • Five or more (5+) years of technical and people leadership as a manager of managers / leader of leads
  • Previously built high-performing and collaborative teams where everyone is able to share their best ideas and be their best selves
  • Previous experience as a Software or Security Engineer - in tune with software engineering fundamentals and security first principles
  • Subject matter expertise in one or more of Application Security, Vulnerability Management, and Identity and Access Management domains
  • Previous experience in cloud-based environments (AWS, Google Cloud, Azure) with a working knowledge of broad infrastructure functions - CI/CD pipelines, automation, site reliability etc.
  • Excellent written and verbal communication skills; with the ability to work with a diverse range of individuals from different backgrounds, with different expertise, and with different professional and personal needs
  • Experience making careful engineering tradeoffs, particularly around "Build vs Buy", evaluating potential third party systems to partner with, and managing and working with vendors to meet Canva's business needs
  • Strong customer focus to understand the use cases and requirements of internal stakeholders, and identify opportunities to empower them to do their best work
  • Be capable of leading by example - promoting Canva’s values, no-blame mentality, and engineering values.

Beneficial Experience (not required, but helpful)

  • Subject-matter expertise of Amazon Web Services and associated technologies and products within the AWS ecosystem, especially IAM and security-specific services
  • Previous experience leading teams to scale security solutions through automation, continuously reducing the tax that security requirements can impose on software development and operations
We make hiring decisions based on your experience, skills and passion. If you’re keen to apply and need reasonable adjustments or would like to note which pronouns you use at any point in the application or interview process, please let us know.