Team lead - Security (multiple roles)
Melbourne, AU / Sydney, AU
Technology – Security /
Permanent /
Hybrid
Our Purpose
At Xero, we’re here to help you supercharge your business. We do this by automating routine tasks, surfacing actionable insights and connecting businesses with the right data, advisors and apps. When that happens, we’re not only making life better for small business, we’ll be building a stronger economy that can change the world.
Security at Xero
Security is at the core of everything we do and everything we build. From preventing vulnerabilities before they become risks, to embedding secure practices in every line of code, to ensuring data and compliance controls are both robust and efficient. Our security teams enable Xero to move fast, innovate, and protect what matters most.
We have three Team Lead roles available, and we invite you to read the brief summary of each and apply to the role that matches your professional expertise.
Team Lead – Vulnerability Management
- Lead the charge in protecting Xero’s systems by identifying, prioritising, and remediating vulnerabilities across infrastructure, cloud, and applications. In this role, you’ll drive automation, integrate security into CI/CD pipelines, and partner closely with engineering teams to ship securely at speed. You’ll guide a high-performing team, foster a culture of shared security responsibility, and deliver clear, risk-informed insights that strengthen Xero’s overall security posture.
- Primary Locations: Wellington / Auckland, Secondary locations: Melbourne /Sidney
Team Lead – Application Security
- Build and lead two specialist teams—Application Security Engineering and Application Security Consulting—to embed security throughout Xero’s software development lifecycle. You’ll champion secure-by-design practices, guide the delivery of the AppSec roadmap, and empower developers to ship secure code without slowing down delivery. From threat modelling to automated security testing, you’ll be at the forefront of reducing software risk while enabling innovation.
- Primary location: Melbourne. Secondary locations: Wellington, Aukland, Sydney
Team Lead – Security Governance & Data Protection
- Oversee Xero’s Governance and Data Protection teams to strengthen identity governance, streamline compliance, and deploy proactive data protection controls. You’ll drive automation-first processes for ISO and SOC2 attestations, manage DLP policies as part of Xero’s SASE program, and ensure access management follows zero trust principles. Your work will protect sensitive data while reducing operational and compliance overhead.
- Primary Location: New Zealand, Secondary location: Melbourne
Core criteria
- Proven people leadership with hands-on performance management experience
- Strong delivery capability, including work breakdown, planning, estimation, progress tracking, and dependency management
- Relevant technical/domain expertise and an engineering background
Why Xero?
Offering very generous paid leave to use however you’d like (plus statutory holidays!), dedicated paid leave to care for your physical and mental wellbeing as well as an Employee Assistance Program to access mental health care for you and your family, free medical insurance, wellbeing and sports programmes, employee resource groups, 26 weeks of paid parental leave for primary caregivers, an Employee Share Plan, beautiful offices, flexible working, career development, and many other benefits that reflect our human value, you’ll do the best work of your life at Xero.
