Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive. At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.As a part of the Global Security Capability the Security team at Xero is looking to build out the Threat Intelligence Centre.As a Threat Intelligence Specialist, you will collect, analyse, and translate intelligence from internal and external sources to help proactively mitigate security risks to Xero and our customers
What you'll do:
- Evaluate, analyse, and conceptualise strategic content risks and threats to Xero and its customers
- Be able to contextualise geopolitical developments and social issues
- Identify emerging trends and forecast new forms of abuse
- Translate how global developments could cause potential adverse impact to Xero’s users.
- Synthesise multidimensional information and data sources clearly and concisely for different audiences, including leadership
- Help to define requirements to automate and continuously improve the efficiency of threat detection, alerting and response
- Maintain a list of threat actors likely to target Xero or the SaaS companies and their tools, techniques, and procedures
- Exploit security tools to continuously improve the detection, prevention and analysis of security incidents.
- Keep informed as to emerging security threats that have the potential to impact Xero and implement/recommend mitigating strategies. Utilise available threat intelligence sources to inform and improve attack detection techniques.
- Work closely with the Detection team on continuous proactive threat hunting.
- Assist the team with various tasks including recruitment, training and development.
- Mentor product team members from other disciplines as needed and raise awareness of threat intelligence concerns as a key consideration of product development.
- Encourage, assist and coach other team members.
What you’ll bring:
- Previous experience in a threat intelligence role
- Experience building core processes for a threat intelligence function
- Working knowledge of cloud technologies, related policy, and regulatory environments
- Experience with MISP, modern SIEM and EDR platforms preferred
- Experience with python preferred
- Experience in intelligence, security analysis, threat/risk management
- Experience in an analytical, research-based role
- Strong collaboration and stakeholder management skills
Why Xero? At Xero we support many types of flexible working arrangements that allow you to balance your work, your life and your passions. We offer a great remuneration package including shares plus a range of leave options to suit your well-being. Our work environment encourages continuous improvement and career development and you’ll get to work with the latest technology. Our collaborative and inclusive culture is one we’re immensely proud of. We know that a diverse workforce is a strength that enables businesses, including ours, to better understand and serve customers, attract top talent and innovate successfully. We are a member of Pride in Diversity, in recognition of our inclusive workplace. Our goal is to make sure you feel welcome and supported to do the best work of your life. At Xero we embrace diversity and inclusion and value a #challenge mindset. Research has shown that women and underrepresented groups are less likely to apply to jobs unless they meet every single competency or experience . If you are excited about this role, but your past experience doesn't align perfectly, we encourage you to apply anyway. You could be just the right person for this role and Xero. If you have any support or access requirements, we encourage you to advise us at time of application and throughout the interview process.