What you'll do
- Develop and implement secure coding practices, working closely with engineers to uplift security awareness and adoption.
- Integrate automated security testing (SAST, DAST, SCA, IaC scanning) and security policy enforcement into CI/CD pipelines to identify vulnerabilities early.
- Work with DevOps and engineering teams to build security guardrails that ensure frictionless security adoption, driving a "shift-left" security mindset by enabling teams with secure coding guidance, tooling, and risk-based security testing.
- Assist engineering teams in threat modeling to proactively identify and mitigate security risks in software designs, with the ultimate aim of improving visibility and reporting of application security risks and helping teams understand and measure their security posture.
- Build and manage security automation tools, integrating them into existing developer workflows; contribute to DevSecOps initiatives, ensuring security controls are scalable, efficient, and developer-friendly.
- Participate in cross-functional security initiatives, working on security improvements that impact multiple teams. Continuously evaluate and improve security tools, scanning coverage, and security-as-code implementations.
What you'll bring with you
- Extensive experience in Application Security, Secure Software Development, and DevSecOps practices.
- Hands-on experience with automated security testing tools, including SAST, DAST, SCA, and IaC security scanning.
- Proficiency in programming and scripting languages (Python, Java, Go, JavaScript, or similar), coupled with a strong understanding of secure coding principles, OWASP Top 10, SANS CWE, and software security best practices.
- Hands-on experience securing APIs, microservices, cloud-native applications, and serverless architectures.
- Experience integrating security controls into CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI, or similar).
- Solid background in vulnerability management, risk assessment, and application security triage, including incident response, investigating and mitigating application security breaches.
Xero Compensation & Benefits Highlights
- Parental & Family Support: Paid parental leave is outlined as up to 26 weeks for primary caregivers with six weeks for partners, supported by family-forming benefits through Carrot. Flexible return-to-work support is also highlighted.
- Leave & Time Off Breadth: Time off provisions include 21 days of annual leave, 10 wellbeing days, five Xtra days, three year-end company holidays, a paid volunteer day, and flexible working options. Global materials also emphasize additional wellbeing leave and local flexibility.
- Healthcare Strength: U.S. coverage includes medical via Cigna or Kaiser with dental and vision, complemented by global mental-health support through Modern Health for employees and immediate family. Life, AD&D, and short- and long-term disability are also included in the package.
What We Do
Xero is small business accounting software that provides a platform on which businesses can build a fully integrated solution. It’s designed to make life better for people in small business, their advisors, and communities around the world. Xero minimises tedious admin by automating routine tasks, delivers valuable insights when needed, and brings together business data, trusted advisors, and powerful apps in one intuitive platform. By alleviating pain points, Xero empowers small business owners to supercharge their business, simplifying the complex and freeing up time from manual admin so they can focus on what really matters to build the business they’ve always envisaged.
Why Work With Us
Xero is a human-centric organization where you’ll have a tangible impact on the success of small businesses and their communities, globally. Our team of energised forward-thinkers works to make life better for our customers and each other every day. We’re also always committed to supporting you with a flexible environment.
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Join us from home or at one of our beautiful workspaces. Xero has offices in Australia, New Zealand, United Kingdom, United States, Canada, Singapore, and South Africa.


