Security Engineers - Application & Cloud Infrastructure at Canva
Sydney, AU

At Canva, we’re transforming the way the world designs. Canva's user base has grown by over 10x over the last 2 years, and serves millions of users every single month, all over the world, in over 100 languages, and across web and mobile platforms.  To maintain high availability, top-notch performance, and the continued scalability of the environment as Canva grows, we've decided to grow our Infrastructure Group.  We're seeking self-motivated and talented security engineers to join us in our Sydney Global HQ.

Secure, scalable, powerful, and well-maintained systems are the foundations of our development and design processes.  The Security Team is responsible for ensuring the safety, resilience, and compliance of our AWS-based environment.  Working in the new and rapidly expanding team, you will ensure the security of the Canva environment for our millions of users all over the world.  

This is not a stock standard security role - this is an opportunity to be a foundational member of Canva’s security team. Based out of our global HQ in Sydney, you will be working alongside engineers with previous experience at Google, JetBrains, SpaceX, Facebook, etc to build and shape the standards and culture of Security Engineering at Canva as we continue to expand our international footprint.

Responsibilities

Broad Site Reliability and Security activities that improve the security fabric of our AWS virtual machine infrastructure.

In concert with deploy-team, initial work will be ensuring we have secure base machine configurations, OSs and deployments

Reviewing our OS images and providing security support for alternative security platform work (e.g. Kubernetes)

Improving the security of our network controls, and working with other engineers to harden our AWS account and identity environment

Building relationships and educating key stakeholders across the business and technology teams around best practice security

Conduct security reviews of core corporate and production infrastructure

Building out our ability to identify and act on anomalies in our production and corporate environments, and developing response plans and tooling to act appropriately when something bad happens

Increasing our insight into our environment across our company platforms, and improving our ability to conditionally grant access to Canva infrastructure based on risk

Drive large-scale focused security improvements to Canva products and services

Requirements

Three (3) or more years of experience as a Security Engineer

Experience developing infrastructure and tools from scratch in Python, Java, Bash, or Golang

Experience supporting large-scale distributed Linux environments in Amazon Web Services (AWS)

Experience with database security and related concerns – we run MySQL, Mongo, Cassandra, and a few other database technologies and services

Familiar with security issues across OS / Server hardening (Linux), 2FA / bastion, SSL, VPN, and broad network security concepts

Familiar with virtualization and containerization with technologies such as Mesos, Kubernetes, Rancher, Docker Cloud, AWS ECS

An understanding of the DevOps ecosystem concerning tooling, Continuous Delivery, Continuous Integration, Infrastructure as Code

Excellent verbal and written communication skills; strong soft skills managing both technical and non-technical stakeholders

Be self-motivated with a strong sense of ownership over complex problems and their related solutions

Benefits

Competitive salary, plus equity options

Flexible working hours, we value work-life balance

In-house chefs that cook delicious breakfast and lunch for us each day

Free Gym and Yoga Membership

Generous parental (including secondary) leave policy

Pet-friendly offices

Sponsored social clubs and team events

Fun and quirky celebrations

Relocation budget for interstate or overseas individuals (see below for visa information)