Lead teams focused on Security Governance and Data Protection, implementing DLP controls, automation for compliance, and managing identity governance within cloud security architecture.
Our Purpose
At Xero, we’re here to help you supercharge your business. We do this by automating routine tasks, surfacing actionable insights and connecting businesses with the right data, advisors and apps. When that happens, we’re not only making life better for small business, we’ll be building a stronger economy that can change the world.
About the role
This role will you will be responsible for leading two critical high-performing engineering teams, Security Governance & Data Protection.
Our Security Governance team ensures robust identity governance, automates compliance processes, and streamlines continuous assurance to support Xero’s ISO and SOC2 attestations.
Our Data Protection team focuses on implementing and managing DLP (Data Loss Prevention) controls, as part of Xero’s SASE program and future data security initiatives.
We're looking for somebody who will drive a risk-based, automation-first approach to security governance and compliance; ensuring efficient access management, streamlined audit processes, and proactive data protection controls.
Your role will be pivotal in enabling Xero to scale security operations efficiently, reducing compliance overhead, and ensuring data security as the business grows.
As a engineering leader at Xero we expect you to come with high EQ, being self-aware, self-regulated, motivated and empathetic, with great interpersonal skills. You'll lead and live our vision and values – building and fostering an inclusive and positive team culture.
What you'll do
- Lead the Data Protection team by coaching, mentoring, and connecting their work directly to Xero's strategic goals.
- Lead Data Loss Prevention (DLP) controls to protect sensitive data across Xero’s environments; expanding our identity governance capabilities, ensuring scalable and efficient user access reviews, provisioning, and entitlements management across AWS and GCP.
- Develop and implement Continuous Assurance capabilities, automating security controls to support ISO, SOC2, and other regulatory attestations.
- Oversee the Identity Management Engine, ensuring it meets business needs while enabling self-service access control for teams.
- Work closely with the SASE program team to integrate data security policies into Xero’s cloud and network security architecture.
- Collaborate with internal stakeholders to ensure alignment between security governance, compliance, and business objectives; streamlining audit processes, with the aim of reducing the manual effort required for security certifications.
What you'll bring with you
- Proven track record of people leadership, demonstrating honesty and integrity.
- Strong expertise in Security Governance, Identity Governance, Compliance Automation, and Data Protection.
- Experience implementing and managing Identity Governance solutions (e.g., user access reviews, provisioning automation).
- Experience leading Data Protection initiatives, including DLP implementations in cloud and hybrid environments.
- Strong knowledge of SASE, Zero Trust, and cloud security principles, ensuring security is scalable and frictionless.
- Strong stakeholder management skills, with the ability to influence without authority and align security priorities with business needs.
Research has shown that women and underrepresented groups are less likely to apply to jobs unless they meet every single competency or experience . If you are excited about this role, but your past experience doesn't align perfectly, we encourage you to apply anyway. You could be just the right person for this role and Xero. If you have any support or access requirements, we encourage you to advise us at time of application and throughout the interview process.
Why Xero?
Offering very generous paid leave to use however you’d like (plus statutory holidays!), dedicated paid leave to care for your physical and mental wellbeing as well as an Employee Assistance Program to access mental health care for you and your family. Health insurance, life insurance, and income protection.
We offer wellbeing and sports programmes, employee resource groups, 26 weeks of paid parental leave for primary caregivers, an Employee Share Plan, beautiful offices, flexible working, career development, and many other benefits that reflect our human value.
You’ll do the best work of your life at Xero!
Top Skills
AWS
Dlp
GCP
Iso
Sase
Soc2
Xero Hawthorn West, Victoria, AUS Office
Xero Melbourne (HQ) Office
Xero’s head office in Australia is in the buzzing suburb of Hawthorn, a stone’s throw from the CBD. Here, a diverse mix of Xeros work in both global and regional teams.
Similar Jobs at Xero
Cloud • Fintech • Information Technology • Machine Learning • Software
As a Senior Security Engineer, you'll enhance security in software development by implementing secure coding, automated testing, and collaborating with cross-functional teams. You'll ensure efficient security practices and awareness while integrating security controls into CI/CD pipelines.
Top Skills:
DastGithub ActionsGitlab CiGoIacJavaJavaScriptJenkinsPythonSastSca
Cloud • Fintech • Information Technology • Machine Learning • Software
As a Senior Security Network Engineer, you'll manage network security, automate protocols, ensure compliance, optimize network performance, and mentor engineers.
Top Skills:
FirewallsLan SwitchingPythonSaseSd-WanTerraformVpnWanWifiZtna
What you need to know about the Melbourne Tech Scene
Home to 650 biotech companies, 10 major research institutes and nine universities, Melbourne is among one of the top cities for biotech. In fact, some of the greatest medical advancements were conceptualized and developed here, including Symex Lab's "lab-on-a-chip" solution that monitors hormones to predict ovulation for conception, and Denteric's vaccine for periodontal gum disease. Yet, the thousands of people working in the city's healthtech sector are just getting started, to say nothing of the tech advancements across all other sectors.
