Canva
Company Description
About the Group/Team
The Security Group is responsible for protecting Canva systems and data from information security threats. The group runs programs across Identity and Access Management, Application Security, Risk Management, Enterprise Security, and Threat Detection and Response domains. Our teams work together, and with other groups, to deliver preventive and detective controls and processes that reduce security risk. Security Platform Engineering (SPE) is a new team to develop, and drive adoption of high security consequence features into Canva’s platforms for all engineers at Canva to leverage.
The Security Platform Engineering team takes charge for solving security-specific problems, using security domain expertise to unblock engineering to work on Canva-differentiating features. Our vision is to empower every engineer to build secure code with ease, through establishing a suite of paved roads for engineers to consume.
About the Role/Specialty
The Security Platform Engineering team is small (3-5 people). As the Engineering Manager of this team, you will be responsible for building a high-performing team aligned to the vision, while also directly contributing to the development and adoption of security platform features. You will play a vital role in building high consequence security features in collaboration with other platform teams at Canva. It will be your responsibility to ensure the right security problems are being solved, and work continues to be impactful to Canva’s mission.
Job Description
What you’ll do (responsibilities):
- Drive vision-setting, strategy and planning for the team, in collaboration with other key teams in Security and beyond; you will be accountable for the technical strategy and roadmap
- Set clear and impactful goals for the team; balancing product needs against the long-term health and cost of your services
- Champion adoption of security platform features across Canva’s engineering teams
- Directly contribute to design and implementation of features
- Continuously engage with stakeholder teams to anticipate future needs
- Measure and communicate the impact of your teams' work to the wider company
- Build and maintain a healthy team culture; ensure that our engineering values are upheld, fostering an open, pragmatic and supportive culture that encourages healthy collaboration
- Invest in personal growth and career development of engineering talent within the team
What we're looking for:
This is the ideal role for someone who is motivated by leading small, empowered teams and helping engineers to grow through coaching, but who also wants to stay hands-on through system design and contributing directly to technical delivery in a security domain.
Must-Have;
- Experience in directly managing a high-performing team, guided by company or specialty missions, and goals
- Strong coaching and interpersonal skills, and able to engage and motivate a team with diverse backgrounds and experiences
- Strong software engineering fundamentals; be able to hold court with principal-level engineers and significantly contribute to design documents and complex software architecture
- Proficient in one or more programming languages, and can directly contribute to the design and implementation of features (you will be programming)
Nice to Have;
- Experience in a security domain (application sandboxing, encryption, authN/Z, etc) is a plus
- Programming experience in Rust, Java, or similar
- Experience with infrastructure tools like Terraform, Helm, K8s, or similar
- Experience with Linux security fundamentals such as cgroups, namespaces, seccomp, etc
- Experience securing or building on cloud-based environments (AWS, Google Cloud, Azure).