We’re constantly working towards making Canva the best place to work, for everyone. We believe deeply that bringing together diversity of thoughts, perspectives and expression is key for building the best product for our equally diverse community all around the world. We celebrate uniqueness and whatever makes you, you and encourage everyone who wants to help us transform the way the world designs, to join us on this journey. We value all different types of experiences. If you don’t think you quite meet all of the qualifications, we’d still love to hear from you.
At Canva, our mission is to democratise design and empower creativity for anyone and everyone, on every platform. Inspired by a team of talented thinkers, an amazing culture and a remarkable growth trajectory – we’re out to change the world, one design at a time.
Since launch in August 2013, we have grown exponentially, amassing over 60 million monthly active users across 190 different countries who have created more than 6 Billion designs. We are one of the world’s fastest-growing technology companies and we have only achieved about 1% of what we want to do.
You'll be joining the Gateway Team, a sub-team of the broader Infrastructure Group responsible for the front line of our microservices, as well as the journey a request takes while travelling from one service to another. Gateway’s work is based on three cornerstones: reliability, security, and velocity. We want to ensure that every request that hits Canva goes through the Gateway components, at ludicrous speeds, and that the developers who work on the platform can be efficient and productive.
This role is based in our Sydney office. However, it is remote-friendly for applicants physically based anywhere in Australia or in New Zealand.
- Improve our ability to detect evil up and down the network stack, at the edge, and within the fabric of our infrastructure
- As an individual contributor, design and implement tooling for managing Canva’s edge setup - domains, certificates, WAF rules in a secure manner
- Protecting Canva's reputation through bot management, domain protection, and abuse detection both within Canva and on the wider internet
- As a security specialist, identifying opportunities to enhance the security of internal and public-facing flows
- Improving and proposing changes to the way all of the requests that flow through Canva are authenticated and authorized
- Ensuring that network flows are secured, and web properties have the right security settings to protect our Users' data
- Researching, developing, and justifying the best choices in the form of design docs for tools and processes that will shape the future of security at Canva
- Participating in design meetings, hiring interviews, and code reviews
Required Skills & Experience
- Experience developing with one of the mainstream programming languages: Java/C++/Typescript/Go. However, our services and libraries are primarily written in Java
- Experience working in cloud environments - we're AWS and Cloudflare - but experience with any of the major cloud providers and Fastly, Akamai, or any other major CDNs would be awesome!
- Knowledge of attacks along with defense against the dark arts: web attacks, DDoS, bot management, intrusion detection, etc.
- Knowledge of networking protocols such as TCP, HTTP/2, WebSockets, and the security measures and best practices in service delivery
- Security certifications are less important than security thinking: Prior experience as an (ethical) attacker or defender where the work involves an understanding of attacker methodologies, system vulnerabilities, countermeasures, and detection
- Great knowledge of internet plumbing (lots of three-letter-acronyms here: DNS, TLS, CDN, PKI) and approaches to sustain a zero-trust internal service model
- Disciplined coding practices, experience with code reviews and pull requests and a creative and conceptual problem-solving approach as opposed to framework or library-focused; We strive to build fast and lean solutions; not library/framework-heavy patchwork
- Strong communication and team collaboration skills, both written and verbal. As a security engineer, you will need to share knowledge, communicate, and coordinate changes across multiple service teams
Bonus points if ...
- ... you have RPC Frameworks, Finagle, Thrift or gRPC will be a huge plus; Understanding of how services communicate is important to ensure that the data they exchange is secure
- Competitive salary, plus stock options via our ESOP plan
- Flexible daily working hours, we value work-life balance
- Breakfast and lunch prepared by our wonderful Vibe team
- Onsite-Gym and Yoga Membership
- End-of-Trip Facilities: Bicycle parking and showers
- Generous parental (including secondary) leave policy
- Pet-friendly offices
- Internal Coaching and an Employee Wellness Program
- Sponsored social clubs, team events, and celebrations
- Relocation budget for interstate individuals who would like to relocate to Sydney
The Canva workspace is set up for you to do your best work and have a great time doing so, with breakout areas, little nooks, and quiet places to retreat.
If you're seeking professional growth and enjoy working on a product suite that impacts millions of lives every single day - individual and business folks alike - then apply now to be considered for a spot on the team!
We will not under any circumstances be accepting any CVs or resumes from recruitment agencies.
We make hiring decisions based on your experience, skills and passion. If you’re keen to apply and need reasonable adjustments or would like to note which pronouns you use at any point in the application or interview process, please let us know.