Feb 03, 2023

Security Engineer - Threat Detection (Open to remote across ANZ)

  • Canva
  • Sydney, New South Wales, Australia

Job Description

Canva’s Commitment and Mission

At Canva, we celebrate diversity. We deeply believe that bringing together diversity of thoughts, perspectives and expression is key to building the best product, team and company. We look for many different skills and abilities, as well as how you can enhance Canva and our culture. So, even if you don’t think you quite meet all of the skills listed or tick all the boxes, we’d still love to hear from you! 

Our mission at Canva is to empower the world to design and since launching in 2013, we have grown exponentially, amassing over 100+ million monthly active users across 190 different countries and a team of over 3,000 people… and the best bit is that we’ve only achieved 1% of what we know we’re capable of. 

Join us and design your future.

About Threat Detection Engineers

As a Threat Detection Engineer, you’ll be maintaining critical threat detection services and developing the logic to catch threats at the earliest stages of the attack chain.

You will also be building automated response capabilities based on detected threats. Another responsibility will be participating in and leading hunts for potential malicious activity. Outside of this are opportunities to participate in other security initiatives across the group.

About the Security Group
The Security Group is responsible for protecting Canva systems and data from information security threats. Our teams work together, and with other groups, to deliver preventive and detective controls and processes that reduce security risk.

The group runs programs across Identity and Access Management, Application Security, Risk Management, and Threat Detection and Response domains. 

What you'll be doing!

  • Manage, maintain and utilize diverse, ever-growing collection of telemetry to develop detections for potential threats on Canva's network and systems
  • Build automation workflows to enhance response to alerts
  • Maintain systems and services vital to threat detection capabilities
  • Lead hunts for potential malicious activity on Canva's network and systems
  • Assist with Incident Response function through tactical threat detection and hunting
  • Participate in the on-call roster for threat detection & hunting
  • Assist in the promotion of a security mindset and the establishment of best practices across a wide range of security areas: secure development, cryptography, network security, security operations, and incident response
  • Identify trends, research, new technologies, and emerging threats models, which may impact the business
  • Contribute to projects that enhance the security positioning of the business

Required Experience:

  • First and foremost, have a curious detective mindset and be driven to solve ambiguous problems with simple solutions
  • Experience with Google Cloud Platform (GCP) preferred, AWS or Azure considered
  • Knowledge/Experience with threat detection engineering practices
  • Familiarity with hypothesis-based hunting and detections
  • Authoring threat detection and alert logic as code
  • Knowledge of web protocols, common attacks, and deep knowledge of Linux/Unix tools and architecture
  • Documentation, communication, and stakeholder management skills; the ability to work alongside technical and non-technical colleagues
  • The ability to prioritize multiple tasks and projects in a dynamic environment
  • High-level familiarity with a modern programming or scripting language (Python, Java, Golang, etc.)

Nice to haves; not required!

  • Subject-matter expertise of AWS and associated technologies and products within the AWS ecosystem, especially IAM and security-specific services
  • Familiarity with infrastructure as code (e.g Terraform)
  • Experience in managing Endpoint Detection and Response solutions

Working at Canva 

Our culture is unlike anywhere else and we design your #CanvaLife experience to empower you to do the best work of your life.  

Whether you’re in the office, working from home or choosing your own adventure, our benefits for permanent Canvanauts include: 

Equity packages for you to truly be a part of the Canva journey. 
We have a hybrid work model (in-office & from home), with our offices are always open to you balancing flexibility and connection
Flexible leave so you can recharge, give back, support others or focus on your own professional development.
Inclusive parental leave policy that supports all parents and carers throughout their parenting and caring journey.
An annual Vibe & Thrive allowance. This is for you to spend on whatever will support your wellbeing and development.. because you know what you need to Vibe and Thrive, better than anyone.
Virtual and in-office wellness benefits including Canva University, Employee Assistant Programs and Fitness & Meditation Classes.
Canva For Good program matching your not-for-profit donations, Force for Good leave (3 paid volunteering days) and a range of sustainability and ethical initiatives to get involved in.   

We make hiring decisions based on your experience, skills and passion. Please note that interviews are conducted virtually. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.