Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive.
At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.
As the Security Operations Analyst, you will work with a wide range of internal Xero teams and 3rd party security service providers to monitor, detect and respond to events impacting the security of Xero and its customers.
What you'll do:
- Triage alerts received from the external Security Operations Centre (SOC) and other sources. Allocate remediation activities to appropriate Xero teams, track and escalate remediation activities to ensure timely resolution.
- Investigate and analyse customer security concerns and incidents, actual or suspected. Work with CX and Legal teams to provide appropriate responses to customers.
- Investigate internal security incidents, actual or suspected, to contain and understand the extent of any impact. Invoke the Security Incident Response Plan if necessary. Perform root cause analysis and recommend security improvements to prevent recurrence.
- Contribute to standards defining requirements to meet operational security needs, such as security event logging and monitoring agent implementation/maintenance. Work with the other security teams to ensure these operational security standards are communicated and met across Xero.
- Define requirements to automate and continuously improve the efficiency of threat detection, alerting and response.
- Exploit security tools to continuously improve the detection, prevention and analysis of security incidents.
- Keep informed as to emerging security threats that have the potential to impact Xero and implement/recommend mitigating strategies. Utilise available threat intelligence sources to inform and improve attack detection techniques.
- Maintain security operations playbooks and runbooks in support of the Security Incident Response Plan.
- Raise awareness among product team members from other disciplines about security operations and operational concerns as a key consideration of product development.
What you'll bring:
- 3+ years in an Operational Security role.
- Professional experience using AWS or other cloud services is preferred
- Strong coordination and incident management skills.
- Knowledge of security attack and defence techniques.
- Ability to work as part of a team and able to take pride and ownership in their work.
- Has initiative and a passion for all things security and a willingness to go the extra mile.
- Excellent stakeholder management.
- Able to effectively communicate to a wide range of people.
- An innovative and positive team player with a “can do” attitude.
- Fast learner, detail oriented, decisive, and enjoys fast paced work environments.
This role will involve on-call availability and there is also the option to work outside of the normal 9-5 if that suits your flexible way of working. If you are ready to take on a new challenge in a fast-paced organisation where the sky's the limit we want to hear from you!
Why you should become a Xero
It’s a diverse and inclusive environment, with people who will respect, challenge, support and mentor you to do the best work of your life. We’re a place where innovation and change are not only encouraged but also celebrated. We value our people and want them to enjoy and take pride in their work.
We’re very supportive of flexible working arrangements and offer a competitive remuneration package including shares and life insurance, in addition to your base salary. We have a culture we’re proud of. Whether you're after a workplace with a social vibe, or a workplace which understands your family is priority - Xero is all of that and more.
Xero is an NZ Immigration Accredited Employer and Rainbow Tick certified too.
Please include a cover letter in your application, telling us why you’re a great fit for this position.