Engineering Lead - Vulnerability Management

Xero

Wellington, Wellington, New Zealand permanent

Posted: December 9, 2025

Required Skills

Job Description

The role and it’s impact

As the Team Lead for Vulnerability Management, you will be responsible for leading a team focused on the identification, triage, and remediation of vulnerabilities across Xero's systems and platform. You will ensure vulnerability management processes are integrated, automated, and risk-informed, reducing exposure while enabling teams to move fast and ship securely.

Your work will directly influence Xero's security posture and operational resilience, allowing us to respond swiftly and confidently to evolving threats. You will foster a high-performing, collaborative culture that empowers your team and partner teams to own security outcomes.

As an engineering leader at Xero we expect you to come with high EQ, being self-aware, self-regulated, motivated and empathetic, with great interpersonal skills. You'll lead and live our vision and values – building and fostering an inclusive and positive team culture.

The team & how they connect

You will lead the Vulnerability Management team, ensuring alignment with our security engineering and risk management strategy. This involves partnering closely with the Security Product Team and broader engineering groups to embed security throughout the software development lifecycle. The team collaborates proactively across the organisation to break down silos and champion shared security ownership.

The team is currently working on

• Building scalable, automated processes for vulnerability scanning and detection across infrastructure, cloud environments, and applications.

• Evaluating and integrating security tooling such as Qualys, Tenable, or Wiz into CI/CD pipelines and runtime environments.

• Driving risk-based prioritisation of vulnerabilities using contextual threat intelligence, asset criticality, and exploitability data.

• Implementing metrics and dashboards that provide real-time visibility of security posture and remediation trends.

Where and how you can work

Our team is based in Australia and New Zealand, with the majority of people working from Wellington. This role can be based anywhere in New Zealand.

We support flexible working arrangements that balance the needs of the individual with the needs of the business. You will have the ability to work in a hybrid capacity, connecting with your peers in our offices to foster collaboration while maintaining the autonomy to work remotely.

Here are some of the things we are looking for

• You bring strong domain expertise in vulnerability management, detection engineering, or security operations.

• Your background includes leading teams to deliver high-quality engineering initiatives using lean-agile techniques.

• You possess a good understanding of vulnerability types (CVE/CWE) and risk prioritisation frameworks like CVSS or EPSS.

• Hands-on experience with cloud platforms such as AWS or GCP and containerisation is essential to your technical toolkit.

• You are comfortable integrating security tools into CI/CD and DevOps workflows.

• A passion for coaching and mentoring defines your leadership style, helping others grow their technical expertise.

Apply even if your experience isn't a perfect match! At Xero, we hire based on your skills, passion, and the unique perspective you can bring to enhance our culture and team.

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.