Senior Security Engineer – Insider Threat, Investigations

Role Overview

• Lead high-complexity investigations involving sophisticated techniques and potential legal or regulatory considerations
• Coordinate closely with Legal, People, and Security teams on investigation scope, evidence handling, privacy considerations, and response activities
• Write detailed investigation reports documenting findings, evidence, impact, and recommendations for technical and non-technical stakeholders
• Respond to security events from detection through to containment, remediation, and resolution
• Create and improve detection logic, correlation rules, and alerts across SIEM and EDR platforms
• Proactively run threat hunting and anomaly detection exercises across Canva’s environment
• Design and improve scalable tooling, workflows, and operational processes that strengthen Canva’s incident detection, investigation, and response capabilities
• Act as an escalation point and incident coordinator during active investigations and security incidents
• Participate in a collaborative on-call rotation supporting critical security investigations and incident response activities
• Mentor and support the growth of teammates through knowledge sharing, operational guidance, and investigation best practices

Requirements

• Experience leading or coordinating security investigations, digital forensics, or incident response activities in complex environments
• Comfortable working cross-functionally with Legal, People, and Security teams, and can communicate clearly during high-pressure situations
• Able to translate complex technical concepts for diverse audiences, including non-technical stakeholders
• Built or improved detection, automation, case management, or response workflows at scale
• Hands-on experience investigating macOS environments, alongside Linux and Windows systems
• Comfortable designing, building, and improving security tooling and operational workflows
• Confident working with SIEM, EDR, endpoint telemetry, and security investigation tooling
• Enjoy solving ambiguous problems and proactively improving systems, processes, and operational maturity
• Bring empathy, sound judgement, humility, and a collaborative mindset to sensitive investigations and incident coordination
• Programming or scripting experience in languages such as Python, Golang, or Java

Tech Stack

• Java
• Linux
• MacOS
• Python
• Go

Benefits

• Equity packages
• we want our success to be yours too
• Inclusive parental leave policy that supports all parents & carers
• An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
• Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally