Senior Security Engineer – Investigations

This is a fully remote position, open to applicants in Australia.

📋 Description

• Lead complex investigations that involve advanced techniques and may have legal or regulatory implications.

• Collaborate closely with Legal, People, and Security teams on the scope of investigations, evidence management, privacy issues, and response efforts.

• Produce comprehensive investigation reports that detail findings, evidence, impacts, and recommendations for both technical and non-technical audiences.

• Address security incidents from detection through containment, remediation, and resolution phases.

• Develop and enhance detection logic, correlation rules, and alerts within SIEM and EDR platforms.

• Actively engage in threat hunting and anomaly detection activities across Canva’s infrastructure.

• Design and refine scalable tools, workflows, and processes that enhance Canva’s capabilities in incident detection, investigation, and response.

• Serve as an escalation contact and incident coordinator during ongoing investigations and security events.

• Participate in a collaborative on-call rotation to support critical security investigations and incident response tasks.

• Mentor and foster the development of team members through knowledge sharing, operational guidance, and best practices in investigations.

⛳️ Requirements

• Proven experience in leading or coordinating security investigations, digital forensics, or incident response in intricate environments.

• Comfortable collaborating cross-functionally with Legal, People, and Security teams, and able to communicate effectively in high-stress situations.

• Capable of translating complex technical ideas for a variety of audiences, including those without a technical background.

• Experience in developing or enhancing detection, automation, case management, or response workflows at scale.

• Practical experience in investigating macOS environments, as well as Linux and Windows systems.

• Proficient in designing, building, and refining security tools and operational workflows.

• Confident in using SIEM, EDR, endpoint telemetry, and security investigation tools.

• Enjoy tackling ambiguous challenges and proactively enhancing systems, processes, and operational maturity.

• Bring empathy, sound judgment, humility, and a collaborative approach to sensitive investigations and incident coordination.

• Familiarity with programming or scripting in languages such as Python, Golang, or Java.

🏝️ Benefits

• Equity packages - we want our success to be yours too.

• Inclusive parental leave policy that supports all parents and caregivers.

• An annual Vibe & Thrive allowance to promote your wellbeing, social connections, office setup, and more.

• Flexible leave options that empower you to make a positive impact, take time to recharge, and support your personal needs.