Technology Risk Assurance Advisor

Wellington, NZ /
Business Services – Finance /
Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive. 

At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.

This newly created role reporting to the Head of Assurance, will support and assist in the delivery of the Assurance plan to ensure Xero is appropriately positioned through its next exciting stage of growth.  The purpose of the role is to provide the Audit and Risk Management Committee of the Board and the Executive team with assurance on key risks including:

- the adequacy and effectiveness of internal controls,  with a particular
focus on our IT controls, to ensure risks are managed appropriately;
- compliance with policies and frameworks and their effectiveness;
- the reliability and integrity of management information; and
- business effectiveness during periods of change.

You’ll help Xero protect and create value by providing assurance that there are effective controls and processes in place to manage our risks, and provide beautiful insights to drive actions and change to improve the business. 

What you’ll do:

    • Lead the delivery of the ISO27001 assurance plan which is a requirement under the ISO27001 standard to ensure Xero has best practice security management processes in place.
    • Assist in the delivery of the risk-based Assurance Work Plan which is approved by the Audit and Risk Committee, and is designed to effectively gauge the efficiency and effectiveness of Xero’s systems and controls.
    • Identify and make recommendations on process and system effectiveness including simplification, speed and operating in an integrated way.
    • Identify and report on areas of weaknesses in internal controls and processes, including  recommendation of remediatory action for streamlining and/or improvement.
    • Assist in the delivery of requests from Executives for specialised audits/reviews.
    • Encourage an understanding of the role of Risk and Assurance within the organisation.

What you'll bring with you:

    • Tertiary qualifications with at least 3-5 years experience performing Audit related activities.
    • Experience working in big-4 CA firms and/or a large corporate environment.
    • Experience and understanding of IT processes including operations, security, configuration, change, incident, problem and disaster recovery management.
    • Experience in planning and conducting audits in accordance with compliance requirements and risk and control framework, particularly ISO 27001.
Of course, you will also be a strong relationship builder and a team player. In return, we will provide you with an awesome place to work, with a fun loving group of colleagues who live and breath our values, one of those being #human. In your covering letter please let us know what #human means to you in the workplace.

Xero is an NZ Immigration Accredited Employer and Rainbow Tick certified too.

Please include a cover letter in your application, telling us why you’re a great fit for this position.