Security Engineer - Endpoint and Device Fleet at Canva
Sydney, AU

At Canva, we’re transforming the way the world designs. We are well on our journey as a startup - a profitable one (and currently the most valuable private tech company in Australia). As we continue that journey, we are seeking engineers with a good blend of web development and corporate infrastructure to join us in our HQ in Sydney. 

Secure, scalable, well-maintained systems are the foundation of our development and design processes and we want to bring that same thirst for excellence into our company technology operations.  This is an opportunity to be the crucial member of Canva’s Internal Infrastructure Team, playing a key role in the global expansion of one of the world’s most exciting technology companies.

Currently, in our Sydney HQ, we have over 600 people over 6 floors, conference rooms, multi-use presentation spaces, a cafeteria, and a rooftop bar and cafe.  We have no plans to grow into a large corporate entity with layers of middle management and archaic processes - but instead, continue our progressive approach to the workplace, using engineering to codify the unique ways in which we work.

As an individual contributor, this person will be the Internal Infrastructure Team's expert for the overall security of all Canva issued devices and security configuration of SaaS apps Internal Infrastructure manages. Whilst the rest of Internal Infrastructure Team shares much of this responsibility, we are after someone with strong development chops - who will build tools from the ground up as well as leverage solutions to help us monitor and secure our fleet of 1000+ devices.


Building solutions to protect company users from executing malicious binaries and being able to access unsafe content on the Internet

Building and implementing endpoint visibility/monitoring solution which enables us to detect breaches, suspicious activity and security configuration issues on user laptops

Devising and executing a network security project (e.g. integrating WiFi with our identity provider, protecting us from WiFi spoofing, port security etc.). This would include building systems for log capture and analysis of events to detect malicious activities and anomalies

Broad responsibility for strategies and policies with respect how we manage the security of our wider device fleet and the tools we use as a business

Lend a hand to support general office infrastructure projects (e.g. establishing new office locations) and managing SaaS apps

Investigating any security incidents

Security review of tooling requests (e.g. extension installation)

Liaising with the Security and Compliance team for certification needs

Assisting with onboarding and security principles training for new starters and current staff

Required Experience & Skills

Demonstrated experience as a security expert, with experience securing corporate / internal company infrastructure

Proficient coding and automation skills

Experience driving large projects from initial scoping to delivery and completion

Previous experience in systems, network, or broad infrastructure engineering

The ability to make good trade-offs where needed (e.g. focus on what’s important first, iterate upon solutions, accept manual or less complete solutions for the short term, and capable of fighting shiny ball syndrome)

You enjoy taking responsibility and claiming ownership of areas for improvement.

You have the ability to adapt well and multi-task amidst changing priorities in a fast-paced and often ambiguous environment

Benefits & Perks

Competitive salary, plus stock options via our ESOP plan

Flexible daily working hours, we value work-life balance

Breakfast and lunch prepared by our wonderful Vibe team

Onsite-Gym and Yoga Membership

End-of-Trip Facilities: Bicycle parking and showers

Generous parental (including secondary) leave policy

Pet-friendly offices

Internal Coaching and Employee Support Programs

Sponsored social clubs, team events and celebrations.