Canva home
See jobs
  • Careers
  • Jobs
  • Senior Software Engineer - Edge Systems Security
Engineering

Senior Software Engineer - Edge Systems Security

Sydney or Remote (Aus/NZ) – Full-time

At Canva, our mission is to democratize design and empower creativity and visual expression for every person, on every platform. Since its launch in April 2013, our user base has grown exponentially, amassing over 55 million monthly active users in over 100 languages, making us one of the world's fastest-growing technology companies. Canva is used by millions of people every single day and reliability is a feature - it’s crucial for us to ensure that they can rely on our platform at all times. 

You'll be joining the Gateway Team, a sub-team of the broader Infrastructure Group responsible for the front line of our microservices, as well as the journey a request takes while travelling from one service to another. Gateway’s work is based on three cornerstones: reliability, security, and velocity. We want to ensure that every request that hits Canva goes through the Gateway components, at ludicrous speeds, and that the developers who work on the platform can be efficient and productive.

This role is based in our Sydney office. However, it is remote-friendly for applicants physically-based anywhere in Australia or in New Zealand.

Responsibilities

  • Improve our ability to detect evil up and down the network stack, at the edge, and within the fabric of our infrastructure
  • As an individual contributor, design and implement tooling for managing Canva’s edge setup - domains, certificates, WAF rules in a secure manner
  • Protecting Canva's reputation through bot management, domain protection, and abuse detection both within Canva and on the wider internet
  • As a security specialist, identifying opportunities to enhance the security of internal and public-facing flows
  • Improving and proposing changes to the way all of the requests that flow through Canva are authenticated and authorized
  • Ensuring that network flows are secured, and web properties have the right security settings to protect our Users' data
  • Researching, developing, and justifying the best choices in the form of design docs for tools and processes that will shape the future of security at Canva
  • Participating in design meetings, hiring interviews, and code reviews

Required Skills & Experience

  • Experience developing with one of the mainstream programming languages: Java/C++/Typescript/Go. However, our services and libraries are primarily written in Java
  • Experience working in cloud environments - we're AWS and Cloudflare - but experience with any of the major cloud providers and Fastly, Akamai, or any other major CDNs would be awesome!
  • Knowledge of attacks along with defense against the dark arts: web attacks, DDoS, bot management, intrusion detection, etc.
  • Knowledge of networking protocols such as TCP, HTTP/2, WebSockets, and the security measures and best practices in service delivery
  • Security certifications are less important than security thinking: Prior experience as an (ethical) attacker or defender where the work involves an understanding of attacker methodologies, system vulnerabilities, countermeasures, and detection
  • Great knowledge of internet plumbing (lots of three-letter-acronyms here: DNS, TLS, CDN, PKI) and approaches to sustain a zero-trust internal service model
  • Disciplined coding practices, experience with code reviews and pull requests and a creative and conceptual problem-solving approach as opposed to framework or library-focused; We strive to build fast and lean solutions; not library/framework-heavy patchwork
  • Strong communication and team collaboration skills, both written and verbal. As a security engineer, you will need to share knowledge, communicate, and coordinate changes across multiple service teams

Bonus points if ...

  • ... you have RPC Frameworks, Finagle, Thrift or gRPC will be a huge plus; Understanding of how services communicate is important to ensure that the data they exchange is secure

Benefits

  • Competitive salary, plus stock options via our ESOP plan
  • Flexible daily working hours, we value work-life balance
  • Breakfast and lunch prepared by our wonderful Vibe team
  • Onsite-Gym and Yoga Membership
  • End-of-Trip Facilities: Bicycle parking and showers
  • Generous parental (including secondary) leave policy
  • Pet-friendly offices
  • Internal Coaching and an Employee Wellness Program
  • Sponsored social clubs, team events, and celebrations
  • Relocation budget for interstate individuals who would like to relocate to Sydney

The Canva workspace is set up for you to do your best work and have a great time doing so, with breakout areas, little nooks, and quiet places to retreat.

If you're seeking professional growth and enjoy working on a product suite that impacts millions of lives every single day - individual and business folks alike - then apply now to be considered for a spot on the team!

We will not under any circumstances be accepting any CVs or resumes from recruitment agencies.

Apply Now