Security Engineer - Infrastructure, Detection, & Site Reliability at Canva
Sydney, AU
At Canva, we’re transforming the way the world designs. Canva's user base has grown by over 10x over the last 2 years, and serves millions of users every single month, all over the world, in over 100 languages, and across web and mobile platforms.  To maintain high availability, top-notch performance, and the continued scalability of the environment as Canva grows, we've decided to grow our Infrastructure Group.  We're seeking self-motivated and talented security engineers to join us in our Sydney Global HQ.
 
Secure, scalable, powerful, and well-maintained systems are the foundations of our development and design processes.  The Security Team is responsible for ensuring the safety, resilience, and compliance of our AWS-based environment.  Working in the new and rapidly expanding team, you will ensure the security of the Canva environment for our millions of users all over the world.  
 
This is not a stock standard security role with corporate jargon, month-long waits on approvals, khaki pants, and water-cooler conversations -- this is an opportunity to be a foundational member of Canva’s security team, working alongside engineers with previous experience at Google, JetBrains, SpaceX, Facebook, etc. - to have a profound impact on shaping the standards and culture of Security Engineering at Canva

Responsibilities

  • Broad Site Reliability and Security activities that improve the security fabric of our AWS virtual machine infrastructure.
  • In concert with deploy-team, initial work will be ensuring we have secure base machine configurations, OSs and deployments
  • Reviewing our OS images and providing security support for alternative security platform work (e.g. Kubernetes)
  • Improving the security of our network controls, and working with other engineers to harden our AWS account and identity environment
  • Building relationships and educating key stakeholders across the business and technology teams around best practice security
  • Conduct security reviews of core corporate and production infrastructure
  • Building out our ability to identify and act on anomalies in our production and corporate environments, and developing response plans and tooling to act appropriately when something bad happens
  • Increasing our insight into our environment across our company platforms, and improving our ability to conditionally grant access to Canva infrastructure based on risk
  • Drive large-scale focused security improvements to Canva products and services

Requirements

  • Three (3) or more years of experience as a DevOps or Site Reliability Engineer; with a focus on infrastructure Security
  • Experience developing infrastructure and tools from scratch in Python, Java, Bash, or Golang
  • Experience supporting large-scale distributed Linux environments in Amazon Web Services (AWS)
  • Experience with database security and related concerns – we run MySQL, Mongo, Cassandra, and a few other database technologies and services
  • Familiar with security issues across OS / Server hardening (Linux), 2FA / bastion, SSL, VPN, and broad network security concepts
  • Familiar with virtualization and containerization with technologies such as Mesos, Kubernetes, Rancher, Docker Cloud, AWS ECS
  • An understanding of the DevOps ecosystem concerning tooling, Continuous Delivery, Continuous Integration, Infrastructure as Code
  • Excellent verbal and written communication skills; strong soft skills managing both technical and non-technical stakeholders
  • Be self-motivated with a strong sense of ownership over complex problems and their possible solutions

Benefits

  • Competitive salary, plus equity options
  • Flexible working hours, we value work-life balance
  • In-house chefs that cook delicious breakfast and lunch for us each day
  • Free Gym and Yoga Membership
  • Generous parental (including secondary) leave policy
  • Pet-friendly offices
  • Sponsored social clubs and team events
  • Fun and quirky celebrations
  • Relocation budget for interstate or overseas individuals (see below for visa information)
  • The Canva workspace is set up for you to do your best work and have a great time doing so, with breakout areas, little nooks, and quiet places to retreat