Team Lead - Application Security

Reposted 5 Days Ago
2 Locations
Hybrid
Senior level
Cloud • Fintech • Information Technology • Machine Learning • Software
Xero’s online accounting software connects small business owners with their numbers, their bank, and advisors anytime.
The Role
Lead two specialized AppSec teams to implement security best practices, drive security initiatives, and integrate security into the software development lifecycle.
Summary Generated by Built In
Our Purpose 
At Xero, we’re here to help you supercharge your business. We do this by automating routine tasks, surfacing actionable insights and connecting businesses with the right data, advisors and apps. When that happens, we’re not only making life better for small business, we’ll be building a stronger economy that can change the world.

About the role

This role is pivotal in creating and driving the successful execution of Application Security at Xero, responsible for establishing and leading two specialised AppSec teams: Application Security Consulting and Application Security Engineering.
 
We're looking for somebody to build high-performing teams and own the delivery of our AppSec roadmap, ensuring a proactive approach to embedding security into Xero’s software development lifecycle.

You will create an environment where your teams can perform at their best, predictably and sustainably, by fostering a strong secure-by-design/secure-by-default culture and empowering Xero’s engineers to ship secure code at scale. Your work will directly impact reducing software security risks and improving the overall security posture of Xero's internally developed applications.

As an engineering leader at Xero, we expect you to come with high EQ, being self-aware, self-regulated, motivated and empathetic, with great interpersonal skills. You'll lead and live our vision and values – building and fostering an inclusive and positive team culture.

What you'll do

  • Lead, develop, and grow high-performing AppSec Engineering and AppSec Consulting teams by providing coaching and mentorship and ensuring alignment with Xero’s security and engineering strategy.
  • In partnership with the Security Product team, develop and execute the Application Security roadmap, embedding security best practices throughout Xero’s software development lifecycle, from architecture and design to testing and deployment.
  • Drive the implementation and maintenance of security tools and technologies, partnering with engineering teams to shift security left, integrating automated security testing, secure coding practices, and DevSecOps methodologies.
  • Provide technical oversight and mentorship, ensuring application security risks are well-understood, prioritised, and mitigated effectively.
  • Collaborate closely with security, engineering, and product teams to embed security at every stage of the development process, balancing application security requirements with developer productivity and business agility.
  • Collaborate with the Sec-Education team to provide regular workshops and training on application security matters, enhancing understanding of application risks for relevant employees.
  • Foster a culture of security enablement, where developers and engineers feel supported in building secure products.

What you'll bring with you

  • People leadership, demonstrating honesty and integrity. Proven track record of leading teams to deliver high-quality software in a fast-paced environment, leveraging lean-agile techniques, while managing competing priorities and ensuring alignment with strategic goals.
  • Coaching and mentoring; utilising software delivery, technical experience and expertise, offering the right knowledge, at the right time in the right way – understanding why and how people learn.
  • Strong domain expertise in Application Security (AppSec) with experience in securing modern software applications.
  • Experience with security tooling, including SAST, DAST, SCA, and security automation within CI/CD pipelines.
  • Deep understanding of secure coding practices, DevSecOps, threat modeling, security architecture, and application risk management.
  • Strong stakeholder management skills, with the ability to influence without authority and align security priorities with business needs.


Research has shown that women and underrepresented groups are less likely to apply to jobs unless they meet every single competency or experience. If you are excited about this role, but your past experience doesn't align perfectly, we encourage you to apply anyway. You could be just the right person for this role and Xero. If you have any support or access requirements, we encourage you to advise us at time of application and throughout the interview process.

Why Xero? 
Offering very generous paid leave to use however you’d like (plus statutory holidays!), dedicated paid leave to care for your physical and mental wellbeing as well as an Employee Assistance Program to access mental health care for you and your family, free medical insurance, wellbeing and sports programmes, employee resource groups, 26 weeks of paid parental leave for primary caregivers, an Employee Share Plan, beautiful offices, flexible working, career development, and many other benefits that reflect our human value, you’ll do the best work of your life at Xero.

Top Skills

CI/CD
DAST
SAST
SCA
Security Automation

The Company
HQ: Wellington
4,700 Employees
Year Founded: 2006

What We Do

Xero is a global small business platform with 3.95 million subscribers which includes a core accounting solution, payroll, workforce management, expenses and projects. Xero also has an extensive ecosystem of connected apps and connections to banks and other financial institutions helping small businesses access a range of solutions from within Xero’s open platform to help them run their business and manage their finances.

Why Work With Us

Xero is not like most companies. When you join Xero, you become part of something beautiful: a global community of people who are passionate about making an impact on the world. It’s a place where you can truly be yourself and find success in a way that’s meaningful to you.

Xero Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Join us from home or at one of our beautiful workspaces. Xero has offices in Australia, New Zealand, United Kingdom, United States, Canada, Singapore, and South Africa.

Typical time on-site: Flexible
HQ: Wellington, NZ
Singapore
Auckland, NZ
Brisbane
Denver, CO
Melbourne (HQ)
London, GB
Napier, NZ
New York, NY
San Mateo, CA
Sydney, NSW
Toronto, Ontario