Security Engineer - Incident Response - Canva UK

Job Description

Join the team redefining how the world experiences design.

Hiya, g'day, mabuhay, kia ora, 你好, hallo, vítejte!

Thanks for stopping by. We know job hunting can be a little time consuming and you're probably keen to find out what's on offer, so we'll get straight to the point.

Where and how you can work

The buzzing Canva London campus features several buildings around beautiful leafy Hoxton Square in Shoreditch. While our global headquarters is in Sydney, Australia, London is our HQ for Europe, with all kinds of teams based here, plus event spaces to gather our team and communities. You'll experience a warm welcome from our Vibe team at front of house, amazing home cooked food from our Head Chef and a variety of workspaces to hang out with your team mates or get solo work done. That said, we trust our Canvanauts to choose the balance that empowers them and their team to achieve their goals and so you have choice in where and how you work.

What you’d be doing in this role

As Canva scales change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you the flavour of the type of things you'll be working on when you start, but this will likely evolve.

At the moment, this role is focused on:

• Act as the escalation point for security & privacy incidents across Canva's systems.
• Actively respond to security events from detection through to resolution, including the rollout of solutions and mitigations to prevent a recurrence.
• Actively monitor Canva’s internal and production systems for possible attacks and intrusions.
• Proactively run threat detection exercises and search for anomalous behavior.
• Build out and develop the tools and foundations for security incident alerting, management, communication, and response.
• Maintain incident response documentation, participate in post incident reviews, and contribute to incident reports.
• Participate in the on-call roster for security incident response.
• Assist in the promotion of a security mindset and the establishment of best practices with across a wide range of security areas: secure development, cryptography, network security, security operations, and incident response.
• Identify trends, research, new technologies, and emerging threats models, which may impact the business.
• Contribute to projects that enhance the security positioning of the business.

You're probably a match if

• You have a curious detective mindset and be driven to solve ambiguous problems with simple solutions.
• You bring proven experience in Security - Engineering, Operations, Incident Response, Analysis, or Threat Research.
• You have sound knowledge of web protocols, networks, common attacks, and a working knowledge of Linux/Unix tools and architecture.
• You had prior exposure to the cloud. Ideally AWS or GCP but Azure would be completely fine.
• You have strong documentation, communication, and stakeholder management skills; the ability to work alongside technical and non-technical colleagues.
• You have the ability to prioritize multiple tasks and projects in a dynamic environment.

About the team

The Security Group at Canva is responsible for protecting Canva systems and data from information security threats. The teams within this group work together and with other groups to deliver preventive and detective controls and processes that reduce security risk. The group runs programs across various domains, including Identity and Access Management, Application Security, Risk Management, and Threat Detection and Response.

What's in it for you?

Achieving our crazy big goals motivates us to work hard - and we do - but you'll experience lots of moments of magic, connectivity and fun woven throughout life at Canva, too. We also offer a range of benefits to set you up for every success in and outside of work.

Here's a taste of what's on offer:

• Equity packages - we want our success to be yours too
• Inclusive parental leave policy that supports all parents & carers
• An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
• Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally

Check out lifeatcanva.com for more info.

Other stuff to know

We make hiring decisions based on your experience, skills and passion, as well as how you can enhance Canva and our culture. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.

We celebrate all types of skills and backgrounds at Canva so even if you don’t feel like your skills quite match what’s listed above - we still want to hear from you!

Please note that interviews are conducted virtually.