Senior Technology Risk & Compliance Analyst

Summary

Join Canva's Technology Risk & Compliance team as a Senior Technology Risk & Compliance Analyst and partner with various teams to enhance Canva's technology control environment. Drive multi-team projects to meet compliance obligations, organize and facilitate internal and external technology audits, and empower business decisions by articulating technology and security risks. Improve efficiency in risk management and compliance, build a culture of risk and compliance literacy, and contribute to team responsibilities within Canva's technology risk and information security management system. This role requires at least 5 years of experience in technology risk and compliance, including hands-on controls testing, audit facilitation, and control design. Practical knowledge of industry standards like ISO 27001, SOC 2, and PCI DSS is essential, and experience with SOX or FedRAMP frameworks is preferred. The ideal candidate thrives in cross-functional environments and possesses strong communication skills.

Requirements

• Bring at least 5 years of experience in technology risk and compliance, including hands-on controls testing, audit facilitation, and control design discussions
• Have practical knowledge of key industry standards such as ISO 27001, SOC 2, and PCI DSS, and ideally exposure to SOX or FedRAMP frameworks
• Understand the technical foundations of SaaS - cloud infrastructure, CI/CD, and identity systems- well enough to engage meaningfully with engineering teams
• Thrive in cross-functional environments, working effectively with diverse stakeholders at all levels
• Be a strong communicator with sharp attention to detail and a mindset for continuous improvement
• Be comfortable leveraging tools like Jira, Confluence, and ideally, continuous control monitoring platforms like Anecdotes
• Have hands-on experience using AI in your work to drive greater impact

Responsibilities

• Partner with teams across Canva to drive improvements to Canva’s technology control environment
• Drive multi-team projects to meet Canva’s new technology and information security compliance obligations
• Organise and facilitate Canva’s internal and external technology audits and control testing processes
• Empower business decisions by clearly articulating technology and security risks
• Drive efficiency improvements that reduce the manual effort involved in risk management and compliance activities
• Build a culture of risk and compliance literacy across diverse stakeholders
• Actively contribute to team responsibilities and other parts of Canva’s technology risk and information security management system

Benefits

• Equity packages - we want our success to be yours too
• Inclusive parental leave policy that supports all parents & carers
• An annual Vibe & Thrive allowance to support your wellbeing, social connection, office setup & more
• Flexible leave options that empower you to be a force for good, take time to recharge and supports you personally