Join the team redefining how the world experiences design.

Hey, hello, hiya, g'day, mabuhay, kia ora, 你好, hallo, vítejte!

Thanks for stopping by. We know job hunting can be a little time consuming and you're probably keen to find out what's on offer, so we'll get straight to the point.

Where and how you can work

Collingwood is home to our Melbourne campus - a vibrant, creative hub for connection and impactful work. While Sydney is home to our HQ, Melbourne brings its own unique vibe, with local artwork, lush greenery, and thoughtfully designed spaces to help you collaborate, focus, and feel part of a welcoming community.

This role is based in Melbourne, and we’re looking for someone who calls it home. Our hybrid way of working gives you the flexibility to work remotely, and to come together on campus for meaningful in-person collaboration and connection when it matters most.

What you’d be doing in this role

As Canva scales change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you the flavour of the type of things you'll be working on when you start, but this will likely evolve.

As a Senior Security Engineer, you will deliver high-impact security engineering solutions across our detection and platform engineering service streams. You will design and implement detection capabilities, automate security workflows, and enhance our security platform infrastructure. Your work will directly strengthen Canva's security posture by enabling faster threat detection, reducing analyst toil through automation, and scaling our security operations capabilities.
We are not looking for someone who checks every single box, we’re looking for lifelong learners and people who can make us better with their unique experiences.

• Leading incident response coordination and acting as escalation point for security incidents across Canva's cloud-native infrastructure, including participation in the on-call rotation

• Investigating and triaging security alerts, coordinating containment, eradication, and recovery activities across a range of security events

• Leading and contributing to post-incident reviews, translating incident learnings into improved detections, playbooks, and response processes

• Building and maintaining automation workflows and response playbooks that streamline investigation, triage, and response, reducing analyst toil and improving mean-time-to-respond

• Partnering with CTI, Application Security, and Red Team to turn threat intelligence and emerging risks into practical detection and response outcomes

• Developing and improving security response tooling and capabilities across areas including case management, automation, SOAR, SIEM, and forensics

You're probably a match if 

• You have demonstrable experience in incident response, DFIR, or security operations, with a proven track record coordinating security events from detection through resolution

• You've worked extensively with enterprise security platforms including SIEM (Elastic Security, Splunk, or similar), EDR (SentinelOne, CrowdStrike, Microsoft Defender, or similar), and SOAR platforms

• You have an investigative mindset with the ability to solve ambiguous security problems and make risk-based decisions under pressure

• You possess working knowledge in at least one of the major cloud providers (AWS, GCP, or Azure) and cloud attack techniques.

• You have working knowledge of infrastructure-as-code (Terraform/Ansible) and DevOps practices

• You excel at documentation, communication, and stakeholder management during incidents

• You are proficient in scripting and programming languages (Python, Go, or similar)

• You have experience with advanced detection techniques: behavioural analytics, anomaly detection, GenAI workflows and GenAI harnesses

Beneficial Experience (not required, but helpful)

• Experience with Threat Hunting or Threat Intelligence

• Background in forensic acquisition and analysis, including maintaining chain of custody

• Incident response in containerised and Kubernetes environments

• Publishing research in blogs or contributing to open-source security tools

About the team

The Detection & Response organisation protects Canva from security threats through detection, investigation, incident response, and security operations. We operate at the intersection of security engineering and security operations, building and improving the capabilities, workflows, and tools that enable Canva to identify, investigate, and respond to threats at scale.

What's in it for you?

Achieving our crazy big goals motivates us to work hard - and we do - but you'll experience lots of moments of magic, connectivity and fun woven throughout life at Canva, too. We also offer a stack of benefits to set you up for every success in and outside of work.

Here's a taste of what's on offer:

• Equity packages - we want our success to be yours too

• Inclusive parental leave policy that supports all parents & carers

• An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more

• Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally

Check out lifeatcanva.com for more info.

Other stuff to know

We see AI as a powerful amplifier of creativity and technology at Canva. We’re evolving how we assess AI skills in our Technology hiring experience - you’ll tackle interactive, real-time challenges that reflect the kind of work we do. In some interviews, you may also be asked to solve a problem using an AI tool to show how you approach challenges with tech by your side. Your recruitment partner will walk you through what to expect.

We make hiring decisions based on your experience, skills and passion, as well as how you can enhance Canva and our culture. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.

Please note that interviews are conducted virtually.