Canva

Computer Software

SeniorSecurityEngineer–InsiderThreat&Investigations

Sydney, New South Wales, Australia FULL TIME

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for mid candidates.

The Brief

“Senior Security Engineer – Insider Threat & Investigations at Canva. Skills: Security Investigations, Incident Response, Detection and Alerting, Threat Hunting, Security Tooling and Workflow Improvement. Lead high-complexity investigations involving sophisticated techniques and potential legal or regulatory considerations. Respond to security events from detection through to containment, remediation, and resolution”

What You'll Achieve.

Strengthen Canva’s incident detection, investigation, and response capabilities; Reduce security risk at scale; Protect Canva’s intellectual property, customer data, and strategic information; Safeguard Canva’s systems, data, and the information our users entrust to us

Industry & Context.

Computer Software

Problems you'll solve

Solving ambiguous problems

Eligibility Requirements

Participate in a collaborative on-call rotation

What They're Looking For.

Must Have

experience leading or coordinating security investigations, digital forensics, or incident response activities in complex environments, comfortable working cross-functionally with Legal, People, and Security teams, and can communicate clearly during high-pressure situations, able to translate complex technical concepts for diverse audiences, including non-technical stakeholders, built or improved detection, automation, case management, or response workflows at scale, hands-on experience investigating macOS environments, alongside Linux and Windows systems, comfortable designing, building, and improving security tooling and operational workflows, confident working with SIEM, EDR, endpoint telemetry, and security investigation tooling, enjoy solving ambiguous problems and proactively improving systems, processes, and operational maturity, bring empathy, sound judgement, humility, and a collaborative mindset to sensitive investigations and incident coordination, programming or scripting experience in languages such as Python, Golang, or Java

Nice to Have

Experience with insider threat programs or user behaviour analytics (UBA/UEBA), Familiarity with DLP technologies and endpoint monitoring solutions, Experience building security automation or orchestration tooling, Exposure to legal evidence handling, privacy investigations, or law enforcement collaboration, Experience operating in cloud-native or large-scale SaaS environments

What You'll Do.

Lead high-complexity investigations involving sophisticated techniques and potential legal or regulatory considerations

Respond to security events from detection through to containment

Create and improve detection logic

and alerts across SIEM and EDR platforms

Proactively run threat hunting and anomaly detection exercises across Canva’s environment

Design and improve scalable tooling

and operational processes that strengthen Canva’s incident detection

and response capabilities

Act as an escalation point and incident coordinator during active investigations and security incidents

Participate in a collaborative on-call rotation supporting critical security investigations and incident response activities

Mentor and support the growth of teammates through knowledge sharing

and investigation best practices

How You'll Work.

Team & Collaboration

Coordinate closely with Legal, People, and Security teams on investigation scope, evidence handling, privacy considerations, and response activities; Work cross-functionally with Legal, People, and Security teams; Collaborate with other groups across Canva; Support internal groups including Legal, People, and Security; Work together with other teams

Communication Scope

Communicate clearly during high-pressure situations; Translate complex technical concepts for diverse audiences, including non-technical stakeholders; Write detailed investigation reports documenting findings, evidence, impact, and recommendations for technical and non-technical stakeholders

Full Job Description

Join the team redefining how the world experiences design. Hey, g'day, mabuhay, kia ora, 你好, hallo, vítejte! Thanks for stopping by. We know job hunting can be a little time consuming and you're probably keen to find out what's on offer, so we'll get straight to the point. Where and how you can work Our flagship campus is in Sydney. We also have a campus in Melbourne and co-working spaces in Brisbane, Perth and Adelaide. But you have choice in where and how you work, we trust our Canvanauts to choose the balance that empowers them and their team to achieve their goals. What you’d be doing in this role As Canva scales change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you the flavour of the type of things you'll be working on when you start, but this will likely evolve. At the moment, this role is focused on: * Lead high-complexity investigations involving sophisticated techniques and potential legal or regulatory considerations * Coordinate closely with Legal, People, and Security teams on investigation scope, evidence handling, privacy considerations, and response activities * Write detailed investigation reports documenting findings, evidence, impact, and recommendations for technical and non-technical stakeholders * Respond to security events from detection through to containment, remediation, and resolution * Create and improve detection logic, correlation rules, and alerts across SIEM and EDR platforms * Proactively run threat hunting and anomaly detection exercises across Canva’s environment * Design and improve scalable tooling, workflows, and operational processes that strengthen Canva’s incident detection, investigation, and response capabilities * Act as an escalation point and incident coordinator during active investigations and security incidents * Participate in a collaborative on-call rotation supporting critical security investigations and incident response activities * Mentor and support the gr

Free ATS check

Applying for this Senior Security Engineer – Insider Threat & Investigations role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 40 detected · ranked by frequency

Incident Response ×6

Threat Hunting ×6

Security Investigations ×5

Digital Forensics ×4

Anomaly Detection ×4

Detection Logic Creation ×3

Correlation Rule Creation ×3

Alerting ×3

Tooling Design ×3

Workflow Design ×3

Operational Process Improvement ×3

Programming ×3

Scripting ×3

Endpoint Telemetry Analysis ×3

Detection and Alerting ×2

Security Tooling and Workflow Improvement ×2

SIEM ×2

EDR ×2

Python

Golang

Java

macOS

Linux

Windows

Insider Threat Investigations

Security Tooling

Operational Processes

Case Management

User Behaviour Analytics (UBA/UEBA)

DLP technologies

Endpoint Monitoring

Security Automation

BEHAVIOURAL

Clear communication during high-pressure situationsTranslating complex technical concepts for diverse audiencesEmpathySound judgementHumilityCollaborative mindset

Role Details

Experience 5–10 yrs

Level mid

Work Mode Remote Friendly

Type FULL TIME

Category Security Operations

AI-Extracted Insights

Domain Areas

insider-threatuser-behaviour-analytics-uba-uebadlp-technologiesendpoint-monitoringlegal-evidence-handlingprivacy-investigationslaw-enforcement-collaborationcloud-native-environments

How to Apply on SmartRecruiters

SmartRecruiters often includes a video screening step — check camera and mic permissions.
Link your GitHub or portfolio directly in the profile section for technical roles.
Applications may be reviewed by AI scoring before reaching a recruiter — use keywords from the job description.

ANONYMOUS · UNFILTERED

What do employees actually say about Canva?

Real rants from real employees. Read before you apply.

Read Company Rants →