We’re constantly working towards making Canva the best place to work, for everyone. We believe deeply that bringing together diversity of thoughts, perspectives and expression is key for building the best product for our equally diverse community all around the world. We celebrate uniqueness and whatever makes you, you and encourage everyone who wants to help us transform the way the world designs, to join us on this journey. We value all different types of experiences. If you don’t think you quite meet all of the qualifications, we’d still love to hear from you.
About Us
At Canva, our mission is to democratise design and empower creativity for anyone and everyone, on every platform. Inspired by a team of talented thinkers, an amazing culture and a remarkable growth trajectory – we’re out to change the world, one design at a time.
Since launch in August 2013, we have grown exponentially, amassing over 75 million monthly active users across 190 different countries who have created more than 6 Billion designs. We are one of the world’s fastest-growing technology companies and we have only achieved about 1% of what we want to do.
You'll be joining the Application Platform team, a sub-team of the broader Infrastructure Group responsible for the front line of our microservices, as well as the journey a request takes while travelling from one service to another. Gateway’s work is based on three cornerstones: reliability, security, and velocity. We want to ensure that every request that hits Canva goes through the Gateway components, at ludicrous speeds, and that the developers who work on the platform can be efficient and productive.
This role is based in our Sydney office. However, it is remote-friendly for applicants physically based anywhere in Australia or in New Zealand.
Responsibilities
Improve our ability to detect evil up and down the network stack, at the edge, and within the fabric of our infrastructureAs an individual contributor, design and implement tooling for managing Canva’s edge setup - domains, certificates, WAF rules in a secure mannerProtecting Canva's reputation through bot management, domain protection, and abuse detection both within Canva and on the wider internetAs a security specialist, identifying opportunities to enhance the security of internal and public-facing flowsImproving and proposing changes to the way all of the requests that flow through Canva are authenticated and authorizedEnsuring that network flows are secured, and web properties have the right security settings to protect our Users' dataResearching, developing, and justifying the best choices in the form of design docs for tools and processes that will shape the future of security at CanvaParticipating in design meetings, hiring interviews, and code reviews
Required Skills & Experience
Experience developing with one of the mainstream programming languages: Java/C++/Typescript/Go. However, our services and libraries are primarily written in JavaExperience working in cloud environments - we're AWS and Cloudflare - but experience with any of the major cloud providers and Fastly, Akamai, or any other major CDNs would be awesome!Knowledge of attacks along with defense against the dark arts: web attacks, DDoS, bot management, intrusion detection, etc.Knowledge of networking protocols such as TCP, HTTP/2, WebSockets, and the security measures and best practices in service deliverySecurity certifications are less important than security thinking: Prior experience as an (ethical) attacker or defender where the work involves an understanding of attacker methodologies, system vulnerabilities, countermeasures, and detectionGreat knowledge of internet plumbing (lots of three-letter-acronyms here: DNS, TLS, CDN, PKI) and approaches to sustain a zero-trust internal service modelDisciplined coding practices, experience with code reviews and pull requests and a creative and conceptual problem-solving approach as opposed to framework or library-focused; We strive to build fast and lean solutions; not library/framework-heavy patchworkStrong communication and team collaboration skills, both written and verbal. As a security engineer, you will need to share knowledge, communicate, and coordinate changes across multiple service teams
Bonus points if ...
... you have RPC Frameworks, Finagle, Thrift or gRPC will be a huge plus; Understanding of how services communicate is important to ensure that the data they exchange is secure
Benefits
Competitive salary, plus stock options via our ESOP planFlexible daily working hours, we value work-life balanceBreakfast and lunch prepared by our wonderful Vibe teamOnsite-Gym and Yoga MembershipEnd-of-Trip Facilities: Bicycle parking and showersGenerous parental (including secondary) leave policyPet-friendly officesInternal Coaching and an Employee Wellness ProgramSponsored social clubs, team events, and celebrationsRelocation budget for interstate individuals who would like to relocate to Sydney
The Canva workspace is set up for you to do your best work and have a great time doing so, with breakout areas, little nooks, and quiet places to retreat.
If you're seeking professional growth and enjoy working on a product suite that impacts millions of lives every single day - individual and business folks alike - then apply now to be considered for a spot on the team!
We will not under any circumstances be accepting any CVs or resumes from recruitment agencies.
We make hiring decisions based on your experience, skills and passion. If you’re keen to apply and need reasonable adjustments or would like to note which pronouns you use at any point in the application or interview process, please let us know.