Senior Security Operations Analyst

Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive. 
At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.
How you’ll make an impact
As a Senior Security Operations Analyst you will work with internal Xero teams and 3rd party security service providers to monitor, detect and respond to events impacting the security of Xero and its customers.

What you’ll do

• As part of a 24 x 7 Security Operations capability, you will deliver on the responsibilities described as follows:
• Triage alerts received from the external SIEM and other sources.  Allocate remediation activities to appropriate Xero teams, track and escalate remediation activities to ensure timely resolution.
• Investigate and analyse customer security concerns and incidents, actual or suspected.  Work with CX and Legal teams to provide appropriate responses to customers.
• Investigate internal security incidents, actual or suspected, to contain and understand the extent of any impact.  Invoke and manage the Security Incident Response Plan if necessary. 
• Perform root cause analysis and recommend security improvements to prevent recurrence.
• Document standards defining requirements to meet operational security needs. Work with the other security teams to ensure these operational security standards are communicated and met across Xero.
• Define requirements to automate and continuously improve the efficiency of threat detection, alerting and response.
• Exploit security tools to continuously improve the detection, prevention and analysis of security incidents.
• Keep informed as to emerging security threats that have the potential to impact Xero and implement/recommend mitigating strategies.  Utilise available threat intelligence sources to inform and improve attack detection techniques. 
• Develop and maintain security operations playbooks and runbooks in support of the Security Incident Response Plan .
• Coach and mentor members of the security operations team to help them develop skills relevant to their discipline, and help them in becoming the best versions of themselves.
• Assist the team leader with various tasks including recruitment, training and development.
• Mentor product team members from other disciplines as needed about security operations and raise awareness of security and operational concerns as a key consideration of product development.

Success looks like

• Timely investigation, containment and effective resolution of security incidents.
• Timely responses to customer security concerns and questions.
• Continuous improvement of tools and processes for incident detection, analysis and response.

What you’ll bring with you

• 7+ years in a role in a security practice is preferential  
• Extensive experience in security operations
• Been recognized as a technical lead or the senior contributor  in your team.
• Strong coordination and incident management skills 
• Experience with AWS Is an asset.
• Working knowledge of security attack and defence techniques.
• Ability to lead and work as part of a team and able to take pride and ownership in their work.
• Has initiative and a passion for all things security and a willingness to go the extra mile.
• Excellent stakeholder management .
• Able to effectively communicate to a wider range of people.
• Creates an environment in which the team will thrive and excel.
• Creates a collaborative environment and empowers others.
• An innovative and positive team player with a “can do” attitude.
• Fast learner, detail oriented, decisive, and enjoys fast paced work environments.

Why Xero?
At Xero, we are empowered to bring our ‘whole self’ to work. Our collaborative and inclusive culture is one we’re immensely proud of. We know that a diverse workforce is a strength that enables businesses, including ours, to better understand and serve customers, attract top talent and innovate. We care about learning together and celebrate our teams’ continuous improvement and career development. 
Want to read more about inclusivity at Xero? Learn a little more about it here.
We offer a great remuneration package, including compelling benefits and perks, like Xero shares and great parental leave policies. We also support flexible working arrangements that allow you to balance your work, your life and your passions. Our Canadian Xero family includes Hubdoc and TaxCycle and we have offices in Toronto, Calgary, and Vancouver. From the moment you step through our doors, you’ll feel welcome and supported to do the best work of your life.
At Xero we embrace diversity and inclusion and value a #challenge mindset. Research has shown that women and underrepresented groups are less likely to apply to jobs unless they meet every single competency or experience . If you are excited about this role, but your past experience doesn't align perfectly, we encourage you to apply anyway. You could be just the right person for this role and Xero. If you have any support or access requirements, we encourage you to advise us at time of application and throughout the interview process.