Job Summary

This is not a stock standard security role with corporate jargon, month-long waits on approvals, khaki pants, and water-cooler conversations -- this is an opportunity to be a foundational member of Canva’s security team, working alongside engineers with previous experience at Google, JetBrains, SpaceX, Facebook, etc. - to have a profound impact on shaping the standards and culture of Security Engineering at Canva


  • Broad Site Reliability and Security activities that improve the security fabric of our AWS virtual machine infrastructure.
  • In concert with deploy-team, initial work will be ensuring we have secure base machine configurations, OSs and deployments
  • Reviewing our OS images and providing security support for alternative security platform work (e.g. Kubernetes)
  • Improving the security of our network controls, and working with other engineers to harden our AWS account and identity environment
  • Building relationships and educating key stakeholders across the business and technology teams around best practice security
  • Conduct security reviews of core corporate and production infrastructure
  • Building out our ability to identify and act on anomalies in our production and corporate environments, and developing response plans and tooling to act appropriately when something bad happens
  • Increasing our insight into our environment across our company platforms, and improving our ability to conditionally grant access to Canva infrastructure based on risk
  • Drive large-scale focused security improvements to Canva products and services


  • Three (3) or more years of experience as a Security Engineer; with a focus on cloud infrastructure - AWS, Google Cloud, or Azure
  • Experience developing infrastructure and tools from scratch in Python, Java, Bash, or Golang
  • Experience supporting large-scale distributed Linux environments in Amazon Web Services (AWS)
  • Experience with database security and related concerns - we run MySQL, Mongo, Cassandra, and a few other database technologies and services
  • Familiar with security issues across OS / Server hardening (Linux), 2FA / bastion, SSL, VPN, and broad network security concepts
  • Familiar with virtualization and containerization with technologies such as Mesos, Kubernetes, Rancher, Docker Cloud, AWS ECS
  • An understanding of the DevOps ecosystem concerning tooling, Continuous Delivery, Continuous Integration, Infrastructure as Code
  • Excellent verbal and written communication skills; strong soft skills managing both technical and non-technical stakeholders
  • Be self-motivated with a strong sense of ownership over complex problems and their related solutions


  • Competitive salary, plus equity options
  • Flexible working hours, we value work-life balance
  • In-house chefs that cook delicious breakfast and lunch for us each day
  • Free Gym and Yoga Membership
  • Generous parental (including secondary) leave policy
  • Pet-friendly offices
  • Sponsored social clubs and team events
  • Fun and quirky celebrations
  • Relocation budget for interstate or overseas individuals (see below for visa information)

If you require visa sponsorship, you must ensure you have at least two (2) years of post-University commercial experience as a Software Engineer and meet the mandatory sponsorship requirements laid out by Department of Home Affairs.


Canva is a graphic-design tool website, founded in 2012. It uses a drag-and-drop format and provides access to over a million photographs, graphics, and fonts. It is used by non-designers as well as professionals. The tools can be used for both web and print media design and graphics.



Company Type


Official website

Got a question? Get in touch now

We're here to help! Check out our FAQs or send us an email.