Senior Application Security Engineer - Ecosystem (Open to remote across ANZ)
Canva
- Sydney, NSW
- Permanent
- Full-time
- Identifying, introducing, and improving security controls throughout the cloud infrastructure at Canva.
- Advising engineering teams on system and application security best practices and design patterns.
- Threat modeling exercises for Canva products and infrastructure.
- Discovery and triage of vulnerabilities across Canva's threat landscape.
- Assisting your team in interviewing and hiring other passionate security engineers.
- Mentoring and supporting the growth of your colleagues in your areas of expertise.
- Glassbox security reviews (source-code and dynamic assessments).
- Experience with JavaScript and Typescript development.
- Experience implementing security automated testing techniques such as SAST, DAST, fuzzing, etc.
- Familiarity with infrastructure as code (e.g Terraform).
- Guardrail tooling like cfn-nag, semgrep, CodeQL, tfsec, or similar.
- Equity packages - we want our success to be yours too
- Inclusive parental leave policy that supports all parents & carers
- An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
- Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally