Security Engineer

5 days ago


Sydney, New South Wales, Australia Canva Full time $120,000 - $200,000 per year

Company Description
Join the team redefining how the world experiences design.
Hey, g'day, mabuhay, kia ora, 你好, hallo, vítejte

Thanks for stopping by. We know job hunting can be a little time-consuming, and you're probably keen to find out what's on offer, so we'll get straight to the point.

Where And How You Can Work
Our flagship campus is in Sydney. We also have a campus in Melbourne and co-working spaces in Brisbane, Perth and Adelaide. But you have a choice in where and how you work. That means if you want to do your thing in the office (if you're near one), at home or a bit of both, it's up to you.

What You'd Be Doing In This Role
As Canva scales change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you the flavour of the type of things you'll be working on when you start, but this will likely evolve.

Job Description
About the Security Group / Team
Canva's goal is to create the world's most trusted platform, which makes security a top priority. As our product, platforms, infrastructure, and corporate environments grow and evolve, so too does our need to respond to an ever-increasing threat landscape.

The Security Group is responsible for protecting Canva systems and data from information security threats. Our teams work together and with other groups to deliver preventive and detective controls and processes that reduce security risk. The group runs programs across Identity and Access Management, Application Security, Risk Management, and Threat Detection and Response domains.

The Red Team focuses on emulating adversaries and testing Canva's ability to detect and respond to them. We're constantly identifying new and innovative attack techniques, reviewing the latest industry trends, and mapping out credible attack scenarios to run against Canva.

As a Red Team Security Engineer, your mission is to work together with Threat Intelligence, Detection & Response and Application Security teams to ensure that Canva is prepared and able to effectively respond to these real-world threats.

At The Moment, This Role Is Focused On

  • Planning, designing, and executing sophisticated threat scenarios that emulate realistic adversary techniques to identify vulnerabilities and response gaps in Canva's product, platform and infrastructure.
  • Researching viable attack paths and demonstrating how the risks may apply to Canva through stealth operations and collaborative purple team engagements.
  • Collaborating closely with security incident responders to continuously uplift Canva's threat detection and response capabilities.
  • Engaging with cross-functional teams across Canva to communicate risks, provide recommendations and develop effective risk mitigation strategies for enhancing security posture.
  • Providing technical guidance, mentoring, and support to engineers conducting security assessments and vulnerability analysis.
  • Communicate and present operational outcomes at various levels of the business, including internal teams and the wider engineering organisation, as well as product owners and leadership.

You're probably a match if you have

  • Demonstrated experience as an offensive security engineer and performing team engagements from reconnaissance through to actioning on objectives.
  • Ability to effectively communicate operational findings, risk ratings and recommendations to technical and non-technical stakeholders; build rapport with engineering and security teams to drive post-engagement outcomes.
  • Practical experience with offensive security tools and techniques, and how they can be applied within a complex business environment; experience operating offensive tooling and infrastructure (e.g. C2 frameworks, short haul vs. long haul infrastructure).
  • Continuous development of knowledge around current and emerging security threats, and how those threats could impact Canva.
  • Experience exploiting macOS and Linux endpoints, as well as corporate SaaS environments.
  • Solid foundational understanding of cloud infrastructure platforms (e.g. AWS, GCP).
  • Software development experience, with proficiency in either Golang or Python

What's in it for you?
Achieving our crazy big goals motivates us to work hard - and we do - but you'll experience lots of moments of magic, connectivity and fun woven throughout life at Canva, too. We also offer a stack of benefits to set you up for every success in and outside of work.

Here's a Taste Of What's On Offer

  • Equity packages - we want our success to be yours too
  • An inclusive parental leave policy that supports all parents & carers
  • An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
  • Flexible leave options that empower you to be a force for good, take time to recharge and support you personally

Check out for more info.

Other Stuff To Know
We make hiring decisions based on your experience, skills and passion, as well as how you can enhance Canva and our culture. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.

Please note that interviews are conducted virtually.


  • Security Engineer

    7 days ago


    Sydney, New South Wales, Australia Cover Genius Full time $120,000 - $180,000 per year

    About The CompanyCover Genius is a Series E Insurtech that protects the global customers of the world's largest digital companies including Booking Holdings, owner of Priceline, Kayak and , Intuit, Hopper, Skyscanner, Ryanair, Turkish Airlines, Descartes ShipRush, Zip and SeatGeek. We're also available at Amazon, Flipkart, eBay, Wayfair and SE Asia's largest...

  • Security Engineer

    5 days ago


    Sydney, New South Wales, Australia Hamilton Barnes 🌳 Full time $90,000 - $120,000 per year

    Job Title:Security EngineerLocation:Sydney, NSW (Hybrid)Employment Type:Full-TimeAbout the Company:We are a growing cybersecurity provider supporting SME and Midmarket clients across NSW. Our focus is on delivering high-quality security projects and ongoing operational support, helping clients protect their network, cloud, and endpoint environments.Role...


  • Sydney, New South Wales, Australia Robert Half Full time $80,000 - $120,000 per year

    THE COMPANYThis company is a successful and growing mid-sized Superannuation firm who employ circa 180 staff across Australia.What's on offer?Mainly remote working - 6 days in the office / month.Involvement in a large security remediation / uplift project.Flat organisational structure where you can take ownership and help shape / influence change.Newly...

  • Security Engineer

    1 week ago


    Sydney, New South Wales, Australia Mode Talent Group Australia Full time $100,000 - $140,000 per year

    Security Engineer | SydneyMake an ImpactWe are looking for aSecurity Engineerwho is passionate about protecting systems, data, and people. In this role, you will build resilient security infrastructure, defend against threats, and help shape best practices that keep our technology safe and reliable.What You'll DoAutomate security processes to strengthen...

  • Security Engineer

    7 days ago


    Sydney, New South Wales, Australia Vicinity Centres Full time $120,000 - $140,000 per year

    We're reimagining the way Australians live, work, and play. We own and manage some of the most recognisable and loved retail destinations across Australia.We're evolving our portfolio into destinations that offer a broad selection of retail, residential, and office spaces. Through our diverse portfolio, data-led decision-making, and nationwide development...

  • Security Engineer

    2 weeks ago


    Sydney, New South Wales, Australia Umbrella Club Full time $90,000 - $120,000 per year

    PAM Engineer (BeyondTrust) – 3 Month ContractWe're looking for aPAM Engineerwith hands-onBeyondTrustexpertise for a 3-month contract.What you'll do:Implement and support BeyondTrust PAM solutions.Manage privileged access, password vaulting & session controls.Integrate with AD / Azure AD and security tools.What you bring:Proven BeyondTrust experience...

  • Security Engineer

    7 days ago


    Sydney, New South Wales, Australia Kaizen Global Technologies Full time $120,000 - $180,000 per year

    Employment: Permanent RoleExperience: 7+ yearsLocation: Sydney/Melbourne, Australia - HybridEligibility: Candidates must have the right to work in Australia (Citizen, PR, Valid Visa holders)Responsibilities:Integrate Bitbucket Cloud audit logs with SIEM (Guardian).Configure Cloudflare protections (API Schema Validation, DDoS, Bots, Abuse Detection).Set up IP...


  • Sydney, New South Wales, Australia SKL Technology Full time $120,000 - $180,000 per year

    Permanent Role - Cloud Security Engineer based in Upper North Shore.OverviewThe Cloud Security Engineer is responsible for the end-to-end management of the organisation's cloud infrastructure and security operations.This stand-alone role combines cloud systems engineering with cybersecurity expertise, ensuring a secure, resilient, and compliant Azure cloud...


  • Sydney, New South Wales, Australia Google Full time $120,000 - $180,000 per year

    At Google, we have a vision of empowerment and equitable opportunity for all Aboriginal and Torres Strait Islander peoples and commit to building reconciliation through Google's technology, platforms and people and we welcome Indigenous applicants. Please see our Reconciliation Action Plan for more information.Minimum qualifications:Bachelor's degree or...


  • Sydney, New South Wales, Australia TheDriveGroup Full time $80,000 - $140,000 per year

    An innovative defence technology company is seeking aSenior Corporate Security Engineerto join its Security team in Sydney. This team plays a key role in protecting corporate infrastructure and users against sophisticated adversaries using state-of-the-art tooling.The successful candidate will be responsible for improving and automating corporate security...