Talent.com
This job offer is not available in your country.
Team Lead - Application Security

Team Lead - Application Security

XeroAuckland, Auckland, New Zealand
30+ days ago
Job description

Our Purpose

At Xero, we’re here to help you supercharge your business. We do this by automating routine tasks, surfacing actionable insights and connecting businesses with the right data, advisors and apps. When that happens, we’re not only making life better for small business, we’ll be building a stronger economy that can change the world.

How you’ll make an impact

As the Team Lead - Application Security, you will be responsible for establishing and leading two specialised AppSec teams : Application Security Consulting and Application Security Engineering and. Your role is pivotal in creating and driving the successful execution of Application Security in Xero. You will own the delivery of the AppSec roadmap. You will ensure a proactive approach to embedding security into Xero’s software development lifecycle (SDLC).You will create an environment where your teams can perform at their best, predictably and sustainably, by fostering a strong secure-by-design / secure-by-default culture and empowering Xero’s engineers to ship secure code at scale. Your work will directly impact reducing software security risks and improving the overall security posture of Xero's internally developed applications.

You will create an environment where your teams can perform at their best, predictably and sustainably, by fostering a strong secure-by-design / secure-by-default culture and empowering Xero’s engineers to ship secure code at scale. Your work will directly impact reducing software security risks and improving the overall security posture of Xero's internally developed applications.

What you'll do

  • Build and lead the Application Security Engineering and Application Security Consulting teams, ensuring alignment with Xero’s security and engineering strategy.
  • Develop and execute the Application Security roadmap in partnership with the Security Product team, embedding security best practices throughout Xero’s software development lifecycle, from architecture and design to testing and deployment.
  • Drive the implementation and maintenance of security tools and technologies, and automate security processes within CI / CD pipelines through the AppSec Engineering team.
  • Oversee the AppSec Engineering team in conducting security testing and vulnerability assessments focused on internally developed applications.
  • Guide the AppSec Consulting team in the design of secure application infrastructure, the development of security frameworks and best practices, and collaboration with development teams on secure design patterns.
  • Partner with engineering teams to shift security left, integrating automated security testing, secure coding practices, and DevSecOps methodologies.
  • Provide technical oversight and mentorship, ensuring application security risks are well-understood, prioritised, and mitigated effectively.
  • Work closely with product and engineering teams to balance application security requirements with developer productivity and business agility.
  • Collaborate with the Sec-Education team to provide regular workshops and training on application security matters, enhancing understanding of application risks for relevant employees.
  • As required, lead, develop, and grow high-performing AppSec Engineering and AppSec Consulting teams by providing coaching, mentorship, and setting a clear direction by connecting their work to the Technology and Xero’s strategic objectives.
  • Foster a culture of security enablement, where developers and engineers feel supported in building secure products.
  • Collaborate closely with security, engineering, and product teams to embed security at every stage of the development process.
  • Champion continuous improvement, leveraging industry best practices and emerging trends to refine application security approaches.
  • Promote a culture of psychological safety and inclusion, ensuring all team members feel empowered to contribute and raise concerns.

Success looks like

  • Your team implements developer-friendly security practices that reduce software security risks without slowing down development.
  • Successfully delivers on the Application Security roadmap, embedding secure coding, threat modeling for projects, and automated security testing.
  • Drives proactive application security initiatives that reduce the attack surface across Xero’s applications.
  • Provides strategic and technical guidance to ensure robust security measures are maintained for all applications.
  • Works closely with engineering and platform teams to automate security practices within the development lifecycle.
  • Provides insights on application security posture, ensuring leadership has clear visibility of risk trends and remediation progress relevant to applications.
  • Your reports clearly understand how their work contributes to Xero’s security and business success.
  • Clearly understand their areas of development and their personal growth. Feel supported in their career growth and technical development.
  • Actively collaborate with engineering teams, breaking down silos and fostering a culture of shared security responsibility.
  • Are empowered and challenged to do their best work and their skills are continuously being developed through new learnings and experiences.
  • Contribute to security knowledge-sharing across Xero, empowering product teams to take ownership of security within their domains.
  • Are recognised and celebrated for good performance, and effectively managed when performing poorly.
  • Are supported to produce the best work of their lives by your understanding and ability to remove barriers.

    • What you'll bring with you

  • Strong domain expertise in Application Security (AppSec) with experience in securing modern software applications.
  • Experience with security tooling, including SAST, DAST, SCA, and security automation within CI / CD pipelines.
  • Coach and mentor – utilising software delivery, technical experience and expertise, offering the right knowledge, at the right time in the right way – understanding why and how people learn.
  • Growth mindset – understanding that competency is not fixed but is enhanced through dedication and hard work. Demonstrating a love of learning and resilience to adversity that is essential for great accomplishment.
  • High EQ – self-aware, self-regulated, motivated and empathetic, with great interpersonal skills.
  • Leading and living the vision and values – building and fostering an inclusive and positive team culture. Keeping the team’s vision and values at the forefront of decision-making.
  • Deep understanding of secure coding practices, DevSecOps, threat modeling, security architecture, and application risk management.
  • Proven track record of leading teams to deliver high-quality software in a fast-paced environment, leveraging lean-agile techniques, while managing competing priorities and ensuring alignment with strategic goals.
  • Excellent grasp of modern software delivery practices and life cycle.
  • Proven ability to balance the needs of the individual with the needs of the business.
  • Experience with coaching and mentoring.
  • Strong stakeholder management skills, with the ability to influence without authority and align security priorities with business needs.
  • Passion for developer enablement, making security accessible and empowering engineers to write secure code.
  • Communicate and help others understand the importance of the vision and values. Translate the vision and values into day-to-day activities and behaviors.
  • Have a good understanding of the importance of Xero's Engineering standards and practices and are able to coach teams to adhere to them.
  • People leadership – demonstrating honesty and integrity. Providing clear objectives, guiding career development and fostering an inclusive environment that promotes psychological safety and teamwork. Clearly communicating expectations. Having an open mind and the flexibility to change opinions. Developing and supporting others.
  • Teamwork – working with peers and stakeholders to establish an overall collaborative relationship.
  • Outstanding communication and time management skills.

    • Why Xero?

    Offering very generous paid leave to use however you’d like (plus statutory holidays!), dedicated paid leave to care for your physical and mental wellbeing as well as an Employee Assistance Program to access mental health care for you and your family, free medical insurance, wellbeing and sports programmes, employee resource groups, 26 weeks of paid parental leave for primary caregivers, an Employee Share Plan, beautiful offices, flexible working, career development, and many other benefits that reflect our human value, you’ll do the best work of your life at Xero.

    #J-18808-Ljbffr

    Create a job alert for this search

    Lead Application • Auckland, Auckland, New Zealand

    Related jobs
    • Promoted
    Team Lead - Avionics Hardware

    Team Lead - Avionics Hardware

    Rocket LabAuckland, New Zealand
    Rocket Lab is an end-to-end space company delivering responsive launch services, spacecraft design and manufacturing, payloads, satellite components, and more — all with the goal of opening access ...Show moreLast updated: 9 days ago
    • Promoted
    Team Lead - Avionics Hardware

    Team Lead - Avionics Hardware

    Space TalentAuckland, New Zealand
    OverviewABOUT ROCKET LABRocket Lab is an end-to-end space company delivering responsive launch services, complete spacecraft design and manufacturing, payloads, satellite components, and more – all...Show moreLast updated: 8 days ago
    • Promoted
    Business Analyst

    Business Analyst

    Exceeding International LimitedNorth Shore City, Auckland, New Zealand
    Raytec is seeking a motivated and detail-oriented Business Analyst to join our dynamic team.This is a full-time, permanent role based in Auckland, offering a competitive hourly rate and career grow...Show moreLast updated: 22 days ago
    • Promoted
    Senior Security Consultant - Customer Master

    Senior Security Consultant - Customer Master

    Robert WaltersAuckland, Auckland, New Zealand
    Senior Security Consultant - Customer Master.Senior Security Consultant - Customer Master.Senior Security Consultant - Customer Master. Be among the first 25 applicants.Senior Security Consultant - ...Show moreLast updated: 30+ days ago
    • Promoted
    Digital Lead

    Digital Lead

    Resolution Life Group Services LimitedAuckland, Auckland, New Zealand
    Digital Lead page is loaded## Digital Leadlocations : Wellington : Melbourne : Auckland : Sydneytime type : Full timeposted on : Posted Todaytime left to apply : End Date : October 15, 2025 (...Show moreLast updated: 9 days ago
    • Promoted
    Technical Lead - Applications

    Technical Lead - Applications

    Randstad New ZealandAuckland, Auckland, New Zealand
    Our client is a large and complex government organisation operating nationally.As a Technical Lead, you will be responsible for implementing and supporting diverse and complex business systems — bo...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Security Engineer - Auckland, New Zealand

    Lead Security Engineer - Auckland, New Zealand

    TermiusAuckland, Auckland, New Zealand
    Lead Security Engineer - Auckland, New Zealand.Join to apply for the Lead Security Engineer role at Termius.Termius is redefining how engineers interact with remote systems.Millions of engineers an...Show moreLast updated: 30+ days ago
    • Promoted
    Web Team Lead

    Web Team Lead

    Serato LimitedAuckland, Auckland, New Zealand
    Serato is a world leader in audio software for professional DJs and musicians.Our products are used by world-renowned artists such as Disclosure, Timbaland, Metro Booming, Snoop Dogg, and DJ Snake....Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Analyst

    Senior Security Analyst

    Lightspeed CommerceAuckland, Auckland, New Zealand
    Conduct security assessments of in-house and third-party applications to find vulnerabilities and risks.Champion security best practices and proactive threat mitigation across the organisation.Help...Show moreLast updated: 5 days ago
    • Promoted
    Lead Security Engineer - Auckland, New Zealand

    Lead Security Engineer - Auckland, New Zealand

    Termius CorporationAuckland, Auckland, New Zealand
    Termius is redefining how engineers interact with remote systems.Millions of engineers and thousands of companies rely on Termius worldwide. While AI has transformed modern IDEs, a terminal stays th...Show moreLast updated: 25 days ago
    • Promoted
    Team Lead - Electron Vehicle Development

    Team Lead - Electron Vehicle Development

    Rocket LabAuckland, Auckland, New Zealand
    ABOUT ROCKET LABRocket Lab is a global leader in launch and space systems.The rockets and satellites we build and launch enable some of the most ambitious and vital space missions globally, support...Show moreLast updated: 24 days ago
    • Promoted
    Cyber Security Leader

    Cyber Security Leader

    Kpmg New ZealandAuckland, New Zealand
    KPMG is one of the most trusted and respected global professional services firms.Through depth of expertise, clarity of insight and strength of purpose we help our clients solve complex challenges,...Show moreLast updated: 8 days ago
    • Promoted
    Global Head of GSI Alliances

    Global Head of GSI Alliances

    CanonicalWorkFromHome, Auckland, New Zealand
    Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise in...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Analyst Auckland, Auckland, New Zealand

    Senior Security Analyst Auckland, Auckland, New Zealand

    LightspeedAuckland, Auckland, New Zealand
    Are you actively looking for a new opportunity? Or just checking the market? Well… you might just be in the right place!. We’re looking for a Senior Security Analyst to join our team in Auckland.As ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Business Analyst - Enterprise And Cyber Security

    Senior Business Analyst - Enterprise And Cyber Security

    Auckland AirportAuckland, Auckland, New Zealand
    As our Senior Business Analyst, you will be joining a high-performing Digital Delivery team.This strategic role is responsible for leading business analysis to support the development and implement...Show moreLast updated: 9 days ago
    • Promoted
    Domain Consultant - Security Operations Transformation

    Domain Consultant - Security Operations Transformation

    Palo Alto NetworksAuckland, Auckland, New Zealand
    At Palo Alto Networks everything starts and ends with our mission : Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and mo...Show moreLast updated: 5 days ago
    • Promoted
    Lead Application Security Engineer

    Lead Application Security Engineer

    HalterAuckland, Auckland, New Zealand
    Halter enables farmers to grow and graze more grass through the use of virtual fencing.Every farm is deployed with communication infrastructure and a collar for each animal, which is then paired wi...Show moreLast updated: 10 days ago
    • Promoted
    Team Lead - Electron Vehicle Development

    Team Lead - Electron Vehicle Development

    Space TalentAuckland, Auckland, New Zealand
    Rocket Lab is a global leader in launch and space systems.The rockets and satellites we build and launch enable some of the most ambitious and vital space missions globally, supporting scientific e...Show moreLast updated: 30+ days ago