
Principal Security Engineer - Red Team (Open to remote across ANZ)

Sydney, New South Wales, Australia

Join the team redefining how the world experiences design.

Hey, g'day, mabuhay, kia ora, 你好, hallo, vítejte!
Thanks for stopping by. We know job hunting can be a little time-consuming and you're probably keen to find out what's on offer, so we'll get straight to the point.

Where and how you can work

Our flagship campus is in Sydney. We also have a campus in Melbourne and co-working spaces in Brisbane, Perth and Adelaide. But you have choice in where and how you work. That means if you want to do your thing in the office (if you're near one), at home or a bit of both, it's up to you. 

What you’d be doing in this role

As Canva scales, change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you a flavour of the type of things you'll be working on when you start, but this will likely evolve.

About Red Team At Canva

At Canva, we’re all constantly striving towards our Crazy Big Goals! As our product, platforms, infrastructure, and corporate environments grow and evolve, so too does our need to respond to an ever-increasing threat landscape.
The Red Team is focussed on emulating threat actors and testing Canva’s ability to detect and respond to them. In addition, we are constantly looking for new and innovative attacks, reviewing the latest industry trends, working with our threat intelligence teams, and using all of that information to develop and test real-world attack scenarios against Canva.
As a Red Team Engineer, your mission is to work together with the Detection, Incident Response, and Application Security teams to ensure that Canva is prepared and able to effectively respond to these real-world threats.

About the Security Group

The Security Group is responsible for protecting Canva systems and data from information security threats. Our teams work together, and with other groups, to deliver preventative and detective controls and processes that reduce security risk across the business.
The group runs programmes across Internal Corporate Security, Identity and Access Management, Application Security, Risk Management, Threat Detection and Response domains, in addition to its Red Team capability.

What you'll be doing!

  • Plan, design, and execute complex, viable threat scenarios against Canva, emulating the techniques of real-world attackers to identify vulnerabilities and response gaps in Canva’s product, platform, and infrastructure.
  • Research new and innovative attack chains and exploits that may impact Canva, as well as review new industry threats and attack techniques, and demonstrate how the risks may apply to Canva.
  • Collaborate closely with incident response teams and assist in increasing Canva’s ability to detect and respond to various types of threat actors.
  • Engage with cross-functional teams across Canva to communicate risks, provide recommendations, and develop effective mitigation strategies for enhancing security posture.
  • Provide technical guidance, mentoring, and support to engineers in conducting assessments, penetration testing, and vulnerability analysis.
  • Communicate and present operation outcomes at various levels of the business, including internal Canva teams and the wider engineering organisation, as well as product owners and leadership.

Required Experience:

  • Proven track record as an Offensive Security Engineer, performing red teaming engagements in various environments including experience in penetration testing, vulnerability assessments, social engineering, and exploitation techniques.
  • A deep technical understanding of security frameworks, threat modeling, risk assessments, and mitigations, as well as extensive knowledge of offensive security tools and techniques.
  • Continuous development of knowledge around current and emerging security threats, and how those threats could impact Canva.
  • Strong software engineering skills, especially around web development, with proficiency in one or more programming languages, as well as a strong understanding of cloud infrastructure platforms (such as AWS, GCP), and infrastructure as code development (such as Terraform, Ansible).
  • Experience in coaching and educating more junior operatives and incident responders on technical issues throughout the lifecycle of Red Team engagements, as well as helping to develop mitigation strategies with stakeholders across the business.

What's in it for you?

Achieving our crazy big goals motivates us to work hard - and we do - but you'll experience lots of moments of magic, connectivity and fun woven throughout life at Canva, too. We also offer a stack of benefits to set you up for every success in and outside of work.
Here's a taste of what's on offer:

  • Equity packages - we want our success to be yours too
  • Inclusive parental leave policy that supports all parents & carers
  • An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
  • Flexible leave options that empower you to be a force for good, take time to recharge and support you personally

Check out lifeatcanva.com for more info.

Other stuff to know

We make hiring decisions based on your experience, skills and passion, as well as how you can enhance Canva and our culture. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.
Please note that interviews are conducted virtually. 

Canva
