Cloud – Identity Engineer


Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive. 

At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.

We are looking for a Senior Security Engineer to join our Identity and Access team based in either Wellington, Auckland or Melbourne!

As a Senior Security Engineer, you’ll ensure our platform security systems are deployed, maintained and innovated in line with industry best practice and to best support the requirements of the Xero environment!

Who’s the team?

The mission of Identity and Access team is to provide the right individuals the right access at the right time.. We’re a collective of engineers from varying backgrounds that focus our efforts on making our platform and applications secure and easy to use for our developers and engineers. We build guard rails rather than roadblocks, and strive to make it easy for our customers to ship secure products with as little friction as possible. We’re looking for a curious cloud engineer to join our team and help us continue to keep Xero secure.

READ:   Engineer Structures

What’s the role?

As a Senior Security Engineer, you’ll be hands-on solving problems at scale in a massive AWS environment. You’ll become deeply familiar with the capabilities of our vendors to build and support modern and adaptable security services that will delight our customers. We run mission-critical infrastructure, and you’ll build resilient and scalable systems with quantifiable performance and reliability indicators to suit. Automated operations will be a de-facto standard for you, and you’ll be seeking new and interesting ways to reduce our operational overheads as much as possible. Most importantly, you’ll be a team player and get to work with and mentor an awesome group of engineers in an amazing and unique working environment.

What you’ll do

    • Ensure Xero Platform Identity and Access solutions are deployed and managed in a repeatable, reliable manner.
    • Be responsible for deployments which will include improving current processes and have a strong understanding of Continuous Integration/Delivery.  
    • Develop software and automation as agreed with the team. 
    • Administrate and work to automate AWS services like IAM, AWS SSO, Organizations, Code Pipeline S3, Lambda, EC2 etc.  
    • Administrate and work to automate other systems like Okta, Active Directory, Azure AD, Bastions, Duo etc
    • Evaluate and implement new security technology controls and solutions.  
    • Ensure that security systems are deployed in line with industry best practices.  
    • Develop and maintain platform security system documentation.  
    • Work with the Xero Security Teams and Production Platform services to ensure that any escalated incidents and problems are resolved in a timely and comprehensive manner.  
    • Proactively anticipate security platform operational issues and develop preventative measures.  
    • Participate in the 24/7 oncall roster as required
    • Maintain awareness of the changing security landscape within Xero.  
    • Help Xero Product teams effectively use Identity and Access solutions.  
    • Work on service requests and incidents in the Identity and Access team’s ticketing system.  
    • Be approachable and professional.
    • Encourage, assist and coach other team members.
READ:   Senior Product Marketing Manager - Cloud, Channel & Marketplace Partners

What you’ll bring:

    • Relevant engineering experience building and deploying solutions in a production environment on a public cloud (e.g AWS, Azure, GCP).
    • A proven ability to communicate and coach a Security mindset, and associated Security engineering skills.
    • Ability to coach and mentor team members
    • Ability to write code in Python, or other scripting language.
    • Understanding of DevOps and Agile practices
    • A solid grasp of networking and system administration fundamentals.
    • A good understanding of network security principles
    • Ability to independently take ownership of problems and solve them.
    • A strong drive to work in a team-oriented and collaborative environment.
    • A passion for delivering high quality products to your customers.

Why you should become a Xero

It’s a diverse and inclusive environment, with people who will respect, challenge, support and mentor you to do the best work of your life. We’re a place where innovation and change are not only encouraged but also celebrated. We value our people and want them to enjoy and take pride in their work.

We’re very supportive of flexible working arrangements and offer a competitive remuneration package including shares and life insurance, in addition to your base salary. We have a culture we’re proud of. Whether you’re after a workplace with a social vibe, or a workplace which understands your family is priority – Xero is all of that and more.

Remote working

Xero is continuing to grow and so are the opportunities to join us!

You can choose to perform this role:

– In one of our #beautiful offices (Auckland, Wellington or Melbourne)

– Flexibly, through a hybrid of in office and remote working styles

READ:   Internal Sales Hornby Branch, Christchurch

– Permanently Remote

As a permanent remote worker at Xero we want to ensure you are getting the same #beautiful employee experience as our in-office Xero’s. Permanent remote Xero’s will benefit from a virtual ergonomic work assessment and funding to assist with the improvement of your at home work setup. Xero will also fund up to 4 trips a year to your most relevant region Xero office. You are part of our #team and we want to see you thrive!

Xero is an NZ Immigration Accredited Employer and Rainbow Tick certified too.

Please include a cover letter in your application, telling us why you’re a great fit for this position.

  • Seniority level

    Entry level

  • Employment type


  • Job function

    Engineering and Information Technology

  • Industries

    Information Technology and Services, Computer Software, and Financial Services