Senior Security Engineer (AppSec)

A company that helps businesses by automating routine tasks, providing actionable insights and connecting businesses with data, advisors and apps.
Melbourne VIC, Australia · Sydney NSW, Australia · Brisbane QLD, Australia
Security
Senior Software Engineer
Hybrid
5+ years of experience
Enterprise SaaS · Finance

Job Description

Xero is seeking a Senior Security Engineer (AppSec) to join their newly formed Application Security team. This role focuses on secure software development, DevSecOps, security automation, and vulnerability management. The position is crucial in securing Xero's software development lifecycle (SDLC), ensuring security is embedded into engineering workflows while enabling teams to deliver secure products at scale.

The ideal candidate will work cross-functionally with engineering, product, and security teams to build and improve security tooling, secure coding practices, and automated security controls. They should have a passion for security automation and security-as-code, with the ability to leverage tools to improve efficiency. The role requires a growth mindset and continuous adaptation to emerging threats and security trends.

Key responsibilities include developing secure coding practices, integrating automated security testing, building security guardrails, assisting with threat modeling, and managing security automation tools. The position requires extensive experience in Application Security, DevSecOps practices, and proficiency in programming languages like Python, Java, Go, or JavaScript.

Xero offers an attractive benefits package including generous paid leave, health insurance, mental wellbeing support, parental leave, and flexible working arrangements. The company's mission is to help supercharge businesses by automating routine tasks and providing actionable insights, making it an exciting opportunity for security professionals looking to make a significant impact.

Last updated 4 days ago

Responsibilities For Senior Security Engineer (AppSec)

  • Develop and implement secure coding practices
  • Integrate automated security testing (SAST, DAST, SCA, IaC scanning) into CI/CD pipelines
  • Work with DevOps and engineering teams to build security guardrails
  • Assist engineering teams in threat modeling
  • Build and manage security automation tools
  • Participate in cross-functional security initiatives

Requirements For Senior Security Engineer (AppSec)

Python · Java · JavaScript · Go
  • Extensive experience in Application Security, Secure Software Development, and DevSecOps practices
  • Hands-on experience with automated security testing tools
  • Proficiency in programming and scripting languages
  • Hands-on experience securing APIs, microservices, cloud-native applications, and serverless architectures
  • Experience integrating security controls into CI/CD pipelines
  • Solid background in vulnerability management, risk assessment, and application security triage

Benefits For Senior Security Engineer (AppSec)

Medical Insurance · Mental Health Assistance · Parental Leave · Equity
  • Generous paid leave
  • Dedicated paid leave for physical and mental wellbeing
  • Employee Assistance Program
  • Health insurance
  • Life insurance
  • Income protection
  • Wellbeing and sports programmes
  • 26 weeks of paid parental leave for primary caregivers
  • Employee Share Plan
  • Flexible working
  • Career development
