Security Engineer - Abuse Investigation (Trust & Safety)
Sydney, Australia
Job Description
Join the team redefining how the world experiences design.
Hey, g'day, mabuhay, kia ora,你好, hallo, vítejte!
Thanks for stopping by. We know job hunting can be a little time consuming and you're probably keen to find out what's on offer, so we'll get straight to the point.
Where and how you can work
Our flagship campus is in Sydney. We also have a campus in Melbourne and co-working spaces in Brisbane, Perth and Adelaide. But you have choice in where and how you work. That means if you want to do your thing in the office (if you're near one), at home or a bit of both, it's up to you.
What you’d be doing in this role
As Canva scales change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you the flavour of the type of things you'll be working on when you start, but this will likely evolve.
About the group:
The Trust & Safety (T&S) Group vision is to make Canva the world’s most trusted company for safe design. To safeguard our community, our T&S engineering teams build technologies to protect user safety (including but not limited to their account, content, data, and privacy) and to prevent, detect, and mitigate abuse and fraud that could compromise the trust people have in Canva, such as unacceptable content, bots, account takeovers, and other abuse vectors.
Role Responsibilities:
- Proactively perform abuse investigations for known and unknown threat vectors
- Actively develop and monitor alerts and metrics to detect abusive patterns
- Define controls to target abusive patterns by collaborating with engineering teams
- Build out and develop documentation, tools, and foundations for abuse management and communications, participate in post incident reviews, and contribute to incident reports
- Identify trends, research, new technologies, and emerging abuse threat models, which may impact the business
- Assist in the promotion of an abuse/security mindset and the establishment of best practices across a wide range of T&S areas: account takeover, bot management, content safety, abuse operations, and incident response
- Contribute to projects that enhance the abuse/fraud positioning of the business
- Be a driving force to influence company teams for Trust & Safety matters
Required Experience:
- First and foremost, have a curious detective mindset and be driven to solve ambiguous problems with simple solutions
- More than 3 years of proven experience in Trust & Safety and/or Security, e.g., threat intelligence, reporting, and modelling threat actors and their TTPs to quantify abuse vectors
- Experience reviewing product logs and signals and detecting anomalies
- Familiar and comfortable reviewing application source code
- Familiarity working with SQL or other query languages to perform threat hunting and analysis
- Documentation, communication, and stakeholder management skills; the ability to work alongside technical and non-technical colleagues
- The ability to prioritize multiple tasks and projects in a dynamic environment
- Experience writing code on any major programming languages (Python, Java, etc) is a plus
What's in it for you?
Achieving our crazy big goals motivates us to work hard - and we do - but you'll experience lots of moments of magic, connectivity and fun woven throughout life at Canva, too. We also offer a stack of benefits to set you up for every success in and outside of work.
Here's a taste of what's on offer:
- Equity packages - we want our success to be yours too
- Inclusive parental leave policy that supports all parents & carers
- An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
- Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally
Check out lifeatcanva.com for more info.
Other stuff to know
We make hiring decisions based on your experience, skills and passion, as well as how you can enhance Canva and our culture. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.
Please note that interviews are conducted virtually.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Incident response Java Privacy Python SQL Threat intelligence TTPs
Perks/benefits: Flex hours Flex vacation Home office stipend Parental leave Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs