Security Engineering Manager - Vulnerability Management, Application Security

3 Months ago • 6-8 Years • Software Development & Engineering

Job Summary

Job Description

As a Security Engineering Manager for Vulnerability Management at Canva, you will lead a team responsible for identifying, assessing, and automating the resolution of security vulnerabilities across Canva's global ecosystem. Key responsibilities include delivering application security solutions for a large-scale, cloud-native SaaS application stack, fostering a security-first engineering culture, driving technical decision-making, and supporting engineer growth and development. You'll collaborate across teams, manage large projects, and work with vendors. The role requires experience leading engineering or security teams, a strong technical background, expertise in vulnerability management, and excellent communication skills. Canva's approach prioritizes building secure solutions while maintaining speed and scale of delivery.
Must have:
  • Lead engineering/security teams
  • Technical hands-on leadership
  • Cloud experience (AWS, GCP, Azure)
  • Vulnerability management expertise
  • Strong communication skills
Good to have:
  • AWS subject matter expertise
  • Experience scaling security solutions via automation
  • Experience with vulnerability management at scale
Perks:
  • Equity packages
  • Inclusive parental leave
  • Vibe & Thrive allowance
  • Flexible leave options

Job Details

Job Description

Join the team redefining how the world experiences design.

Hey, g'day, mabuhay, kia ora, 你好, hallo, vítejte!

Thanks for stopping by. We know job hunting can be a little time consuming and you're probably keen to find out what's on offer, so we'll get straight to the point.

Where and how you can work

Our flagship campus is in Sydney. We also have a campus in Melbourne and co-working spaces in Brisbane, Perth and Adelaide. But you have choice in where and how you work, we trust our Canvanauts to choose the balance that empowers them and their team to achieve their goals.

What you’d be doing in this role

As Canva scales change continues to be part of our DNA. But we like to think that's all part of the fun. So this will give you the flavour of the type of things you'll be working on when you start, but this will likely evolve.

At the moment, this role is focused on:

  • Own the delivery of Application Security solutions for our large-scale, cloud-native and SaaS application stack, to enable Canva to understand its vulnerability landscape, and have remediation built into our development lifecycle.
  • Support a security-first engineering culture by making the optimally secure solution the easiest one for software engineering teams to use 
  • Drive technical decision making support to your team in a fast-paced, innovation-focused environment
  • Foster a culture of communication, bridging the communication gap between teams, groups, and company leaders
  • Invest in working with engineers on growth and development opportunities to help further their skillset and grow into new roles, with an ability to deliver relevant and timely feedback (positive & constructive) to help them to continuously improve and learn
  • Be involved in hiring; build and grow high-performing and highly engaged teams of world-class engineers by attracting, interviewing, and selecting talent for your group
  • Coordinate across various specialties and parts of the business to understand the impact and feasibility of strategic goals within the group, and how that impacts your own roadmap.
  • Drive delivery of large, cross team and cross group initiatives and projects from ideation to completion.

You're probably a match if

  • You’ve led engineering or security teams and love growing people from all levels, while scaling systems.
  • You’re a technical hands on leader (with previous experience as a Software or Security engineer), who is comfortable getting into the thick of it when needed using software engineering fundamentals and security first principles to guide technical decision making
  • Previous experience in cloud-based environments (AWS, Google Cloud, Azure) with a working knowledge of broad infrastructure functions - CI/CD pipelines, automation, site reliability etc.
  • You bring deep understanding of vulnerability management practices — across infrastructure, application security, and cloud environments.
  • You’re comfortable working with ambiguity, designing programs, and influencing beyond your immediate team.
  • You can communicate clearly with technical and non-technical audiences and love turning complex problems into simple, effective solutions.
  • Experience making careful engineering tradeoffs, particularly around "Build vs Buy", evaluating potential third party systems to partner with, and managing and working with vendors to meet Canva's business needs
  • Strong customer focus to understand the use cases and requirements of internal stakeholders, and identify opportunities to empower them to do their best work

While not required, you’ll have an edge if you bring:

  • Subject-matter expertise of Amazon Web Services and associated technologies and products within the AWS ecosystem
  • Previous experience leading teams to scale security solutions through automation, continuously reducing the tax that security requirements can impose on software development and operations
  • Experience working on delivering vulnerability management at scale in a fast paced, rapid growth environment

About the role

As a Security Engineering Manager for the Vulnerability Management team, you’ll lead a team dedicated to identifying, assessing, and automating the resolution of security vulnerabilities across Canva’s global ecosystem. Your mission is to empower engineers with the tools and context they need to make secure decisions by default—making the secure path the easiest path. We need to be able to ship robust and secure features without sacrificing speed and scale of delivery.

Our Vulnerability Management team takes a strategic, build-versus-buy approach to deliver robust capabilities that offer visibility, early detection, and actionable insights. We're focused on reducing toil, abstracting away complexity, and driving remediation at scale—so product teams can focus on building, not fixing. You'll guide engineers as they develop and scale security solutions, navigate complex problem spaces, and balance security rigor with Canva's pace of innovation.


About the Security Group

The Security Group’s mission is to protect our community, people, and company from online threats by making the most secure actions simple. Our teams work together, and with other groups, to deliver preventive and detective controls and processes that reduce security risk. The group runs programs across Identity and Access Management, Application Security, Risk Management, and Threat Detection and Response domains.  Within this group, the Vulnerability Management team ensures we’re proactively identifying and reducing risk across Canva’s systems and codebase. We partner deeply with product teams and platform engineers — building shared tooling, defining scalable processes, and helping Canva grow securely.

What's in it for you?

Achieving our crazy big goals motivates us to work hard - and we do - but you'll experience lots of moments of magic, connectivity and fun woven throughout life at Canva, too. We also offer a range of benefits to set you up for every success in and outside of work.

Here's a taste of what's on offer:

  • Equity packages - we want our success to be yours too
  • Inclusive parental leave policy that supports all parents & carers
  • An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
  • Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally

Check out lifeatcanva.com for more info.

Other stuff to know

We make hiring decisions based on your experience, skills and passion, as well as how you can enhance Canva and our culture. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.

We celebrate all types of skills and backgrounds at Canva so even if you don’t feel like your skills quite match what’s listed above - we still want to hear from you!

Please note that interviews are conducted virtually.

Similar Jobs

Actian - C Engineer - Bangalore/Pune

Actian

Bengaluru, Karnataka, India (On-Site)
9 Months ago
Embrace - Business Development Lead

Embrace

United States (Remote)
2 Weeks ago
Glean - Solutions Architect

Glean

United States (Remote)
2 Months ago
Imanage - Account Executive, Law

Imanage

Chicago, Illinois, United States (On-Site)
2 Months ago
Visual Concepts - Senior Server Engineer

Visual Concepts

Novato, California, United States (On-Site)
10 Months ago
Tesla - Mechanical Engineer, Low Voltage Wire Harness

Tesla

Berlin, Berlin, Germany (On-Site)
5 Months ago
Reddit - Senior Staff Engineer, GraphQL

Reddit

United States (Remote)
2 Months ago
Canonical - Ubuntu Linux Kernel Engineer - BIOS/Firmware

Canonical

(Remote)
2 Months ago
attentive - Engineering Manager, Compute & Networking

attentive

United States (Remote)
4 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

deel. - Product Support Specialist

deel.

South Africa (Remote)
1 Week ago
AiDash - Principal Data Scientist, Wildfire Management

AiDash

Palo Alto, California, United States (Remote)
10 Months ago
Zuora - Pre-Sales Engineer II

Zuora

Chennai, Tamil Nadu, India (On-Site)
4 Weeks ago
appier - Campaign Analyst (US) 02:00 AM-11:00 AM working hours

appier

Taipei City, Taiwan (On-Site)
9 Months ago
Highspot - Customer Success Manager, SMB

Highspot

Hyderabad, Telangana, India (Hybrid)
5 Months ago
Airbyte - Mid Market Account Executive

Airbyte

San Francisco, California, United States (On-Site)
3 Months ago
Safe security - FAIR Enablement Specialist

Safe security

New York, United States (On-Site)
3 Weeks ago
Eve  - Account Executive - Mid Market

Eve

United States (Remote)
8 Months ago
Thousand Eyes - Customer Success Manager

Thousand Eyes

São Paulo, Brazil (On-Site)
1 Month ago
Arketa - General Counsel

Arketa

United States (Remote)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Surry Hills, New South Wales, Australia

Canva - Staff Backend Engineer (Java)

Canva

Brisbane, Queensland, Australia (Remote)
4 Weeks ago
easygo - Front-End Software Development Engineer, Sportsbook

easygo

Melbourne, Victoria, Australia (On-Site)
2 Months ago
easygo - Partnerships Lead (Spanish Speaking)

easygo

Melbourne, Victoria, Australia (On-Site)
3 Weeks ago
Lorikeet - Technical Recruiter

Lorikeet

Sydney, New South Wales, Australia (On-Site)
1 Month ago
Alt VFX  - COMPOSITORS

Alt VFX

Brisbane, Queensland, Australia (On-Site)
1 Year ago
Flying Bark - Pipeline Release Manager

Flying Bark

Sydney, New South Wales, Australia (Hybrid)
2 Weeks ago
Illumina - Territory Sales Manager

Illumina

Queensland, Australia (On-Site)
1 Month ago
Canva - Senior Software Engineer - Frontend

Canva

Sydney, New South Wales, Australia (Remote)
3 Weeks ago
Harvey - Enterprise Account Executive, APAC

Harvey

Sydney, New South Wales, Australia (Hybrid)
1 Week ago
Canva - Engineering Manager (BE) - Content Management & Distribution

Canva

Sydney, New South Wales, Australia (Remote)
4 Months ago

Get notifed when new similar jobs are uploaded

Software Development & Engineering Jobs

zoox - Software Engineer - Ride and Fleet Services

zoox

Foster City, California, United States (Hybrid)
1 Year ago
bytedance - Software Engineer, Inference

bytedance

San Jose, California, United States (On-Site)
9 Months ago
CAE - Senior Manager Engineering

CAE

Broken Arrow, Oklahoma, United States (On-Site)
2 Weeks ago
Carry1st - Lead Engineer - Shop

Carry1st

South Africa (Remote)
3 Weeks ago
Qualcomm - Display Engineer

Qualcomm

Shanghai, China (On-Site)
1 Week ago
Escape Velocity Entertainment - Release Engineer

Escape Velocity Entertainment

(Remote)
4 Months ago
Nice - Software Engineering Student

Nice

Ra'anana, Center District, Israel (Hybrid)
4 Weeks ago
Apple - GPU Post-Silicon Engineering Program Manager

Apple

Cupertino, California, United States (On-Site)
3 Months ago
Bosch Group - Assistant Manager, CAPEX Engineer and Space Planner

Bosch Group

Nashik, Maharashtra, India (On-Site)
1 Month ago
bytedance - Video Experience Software Engineer Intern

bytedance

San Jose, California, United States (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Beijing, China (On-Site)

Brisbane, Queensland, Australia (Remote)

Adelaide, South Australia, Australia (Remote)

Adelaide, South Australia, Australia (Remote)

Auckland, Auckland, New Zealand (Remote)

Beijing, China (On-Site)

Beijing, China (On-Site)

Brisbane, Queensland, Australia (Remote)

View All Jobs

Get notified when new jobs are added by Canva

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug