This is a Team Lead - Data & Security Compliance role with Xero based in Melbourne, VIC, AU Xero Role Seniority - senior More about the Team Lead - Data & Security Compliance role at Xero Our Purpose At Xero, we’re here to make running a business beautiful. By making small business more efficient every day, connecting them with big business technology and empowering a community behind them, their potential is limitless. When that happens, we’re not only helping small business, we’ll be building a stronger economy that can change the world. How you’ll make an impact The Team Lead - Data and Security Compliance will lead a team of Data and Security Compliance specialists in working with all parts of the business to improve Xero’s data & security compliance posture, helping to reduce the risk of security incidents through the improvement of the efficiency and effectiveness of Xero’s data and security controls. What you'll do Lead a data and security compliance management team. Assess data and security compliance requirements across all areas of Xero’s business, including product, platform, and third party software and services, to ensure these are well understood and managed. Ensure security compliance obligations, both internally defined and externally regulated, are understood and met across Xero. Maintain the Xero information security management framework. Ensure that security policy and standards keep pace with the changing threat and compliance landscape, and are approved and communicated across Xero. Engage and manage service providers delivering services and capabilities related to Xero’s data and security compliance practice. Maintain a comprehensive program of automated and manual data & security testing across Xero products. Assist in the development and delivery of security awareness materials and training to Xero staff. Respond to customer and supplier security assessments. Provide measurement and reporting of Xero’s compliance position suitable for various levels of Xero’s leadership. Work with all areas of Xero’s business to ensure they have business continuity plans in place and these are regularly tested and maintained. Coach and mentor each of your direct reports to help them become the best versions of themselves they can be, using a variety of techniques which may include performance feedback and career development. Spend a proportion of your time on people-focused tasks including recruitment, leave management, performance reviews, training and development. Mentor product team members from other disciplines about data and security awareness of compliance concerns as a key consideration of product development. Success looks like All changes to Xero’s product and corporate infrastructure are in compliance with the IT Security Policy and standards and meet Xero’s compliance obligations. Security assessments are completed and documented for all new third party software and technology services prior to them being used by Xero. Audits and other compliance assessment activities are completed successfully, and compliance is maintained with required standards. Business Continuity Plans are developed, maintained and tested to an agreed schedule. Security policy and standards are maintained to address current risks and compliance requirements. Your team is working collaboratively together to ensure agreed objectives are met for operational performance and continue to improve the way the service is operated and monitored. High performing, highly engaged staff. Critical Competencies Able to lead and mentor a diverse and geographically dispersed team to meet organisational goals. Takes a business focused and pragmatic approach to data and security compliance. Ability to lead and work as part of a team and able to take pride and ownership in their work. Has initiative and a passion for all things security and a willingness to go the extra mile. Excellent stakeholder management. Able to effectively communicate to a wide range of people. Creates an environment in which the team will thrive and excel. Creates a collaborative environment and empowers others. An innovative and positive team player with a “can do” attitude. Is someone people like working for and who acknowledges and rewards excellence. Fast learner, detail oriented, decisive, and enjoys fast paced work environments. Experience 5 years in a role in an information security and Compliance management practice. 5 years in a role in a Data Compliance management practice. Experience implementing risk management and information management security frameworks. Proven experience in developing and maintaining a highly motivated team of individuals. Been recognised as a technical lead or the senior contributor in your team. What we value We Make it Xero We make it beautiful We make it happen We make it human We make it together Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the Xero team will be there to support your growth. Please consider applying even if you don't meet 100% of what’s outlined Key Responsibilities Leading a compliance management team Assessing compliance requirements Maintaining security policies Key Strengths Data compliance management Information security management Team leadership Stakeholder management ⚖️ Risk management Training and development Why Xero is partnering with Hatch on this role. Hatch exists to level the playing field for people as they discover a career that’s right for them. So when you apply you have the chance to show more than just your resume. A Final Note: This is a role with Xero not with Hatch.
