Team Lead - Security Risk at Waddle

Security, Permanent, Melbourne, AU melbourne full-time
Description
Posted a month ago

Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive. 

At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.

As the Security Risk Team Lead, you will be responsible for leading a team of specialists that work with all parts of the business to improve Xero's security risk and compliance posture, reduce the risk of security incidents and improve the efficiency and effectiveness of Xero’s security controls.


What you'll do:

  • Assess security risks across all areas of Xero's business, including product, platform, and third party software and services, to ensure these are well understood and managed within Xero's risk tolerance
  • Ensure security compliance obligations, both internally defined and externally regulated, are understood and met across Xero
  • Maintain the Xero information security management framework. Ensure that security policy and standards are kept in place
  • Develop a threat modelling framework and roll this out to all product teams
  • Develop and maintain an automated risk assessment process for add-on partners and third party providers. Ensure that security risks are assessed and understood prior to, and during the engagement with third parties
  • Engage and manage service providers delivering services and capabilities related to Xero's security risk and compliance practice
  • Maintain a comprehensive program of automated and manual security testing across Xero products
  • Further develop and maintain the security risk management framework to ensure risks are documented, communicated and escalated across Xero
  • Assist in the delivery of security awareness materials and training to Xero staff
  • Respond to customer and supplier security assessments
  • Report on Xero's risk and compliance position which will be suitable for various levels of Xero's leadership
  • Lead a security risk management team and coach and mentor each of your direct reports
  • Take part in people focused tasks including recruitment, leave management, performance reviews and training and development
  • Mentor the product team members from other business units across Xero about security risk and raise awareness of risk and compliance as a key part of product development
  • What you'll bring:

  • 5+ years' demonstrated experience in an information security and risk management practice
  • Experience implementing risk management and information management security frameworks
  • Proven experience in developing and maintaining a highly motivated team of individuals
  • Strong skills in leading and mentoring diverse team members to meet organisational goals and create a collaborative environment
  • Excellent stakeholder management skills with the ability to effectively communicate to a wide range of people
  • Why Xero?

    At Xero we support many types of flexible working arrangements that allow you to balance your work, your life and your passions. We offer a great remuneration package including shares plus a range of leave options to suit your well-being. Our work environment encourages continuous improvement and career development and you’ll get to work with the latest technology.  

    Our collaborative and inclusive culture is one we’re immensely proud of. We know that a diverse workforce is a strength that enables businesses, including ours, to better understand and serve customers, attract top talent and innovate successfully. We are a member of Pride in Diversity, in recognition of our inclusive workplace. So, from the moment you step through our doors, you’ll feel welcome and supported to do the best work of your life.