Senior Security Engineer - Detection & Response
Canva is seeking a Senior Security Engineer to join their Detection & Response team in Melbourne, Australia. This role is integral to enhancing Canva's security posture by developing and implementing detection capabilities, automating security workflows, and strengthening the security platform infrastructure. As a member of the Detection & Response organization, the engineer will work at the intersection of security engineering and operations, focusing on threat detection, investigation, incident response, and security operations.
In this position, the Senior Security Engineer will lead incident response coordination, acting as the escalation point for security incidents across Canva's cloud-native infrastructure. Responsibilities include investigating and triaging security alerts, coordinating containment, eradication, and recovery activities, and leading post-incident reviews to translate learnings into improved detections and response processes. The role also involves building and maintaining automation workflows and response playbooks to streamline investigation and response, partnering with various teams to translate threat intelligence into practical detection and response outcomes, and developing security response tooling across areas such as case management, automation, SOAR, SIEM, and forensics.
Candidates should have demonstrable experience in incident response, digital forensics and incident response (DFIR), or security operations, with a proven track record in coordinating security events from detection through resolution. Experience with enterprise security platforms, including SIEM (Elastic Security, Splunk, or similar), EDR (SentinelOne, CrowdStrike, Microsoft Defender, or similar), and SOAR platforms is essential. A strong investigative mindset, the ability to solve ambiguous security problems, and the ability to make risk-based decisions under pressure are crucial. Proficiency in scripting and programming languages such as Python or Go, and working knowledge of cloud providers (AWS, GCP, or Azure) and cloud attack techniques are required.
Experience that is beneficial but not mandatory includes threat hunting, threat intelligence, forensic acquisition and analysis, incident response in containerized and Kubernetes environments, and contributions to open-source security tools. The role offers a hybrid work environment, providing flexibility to work remotely and collaborate in person at the Melbourne campus when necessary. Compensation details are not specified in the available information.
Canva's culture is unique, human-centric, and continually evolving, with a strong emphasis on values such as 'Be a Good Human' and 'Be a Force for Good.' The company fosters an inclusive environment where every team member is encouraged to contribute their unique perspectives and talents. Canva has been recognized for its innovative workplace culture, being named the number one Best Workplace for Innovators by Fast Company in 2023. Employees are empowered to do the best work of their lives, with opportunities for growth and development in a supportive and dynamic environment.