Security Operations Analyst

Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive. 
At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.
Here at Xero we are all about people and building beautiful experiences for our customers. Join our passionate team of technologists who love to learn and get involved in the community. We focus on developing solutions to make it easier for small businesses to grow through beautiful accounting software. With us you have a chance to have an impact on the lives and businesses of people globally.
Working at Xero will provide you with a diverse and inclusive environment alongside people who will respect, challenge, support and mentor you to have fun while you do the best work of your life. We are a place where personal development, innovation, and change are not only inspired but also celebrated. We value our people and want them to enjoy and take pride in their work.  About the role
As a Security Operations Analyst you will work with internal Xero teams and 3rd party security service providers to monitor, detect and respond to events impacting the security of Xero and its customers.

What you'll do

• Triage alerts received from the external SIEM and other sources. Allocate remediation activities to appropriate Xero teams, track and escalate remediation activities to ensure timely resolution.
• Investigate and analyze customer security concerns and incidents, actual or suspected.  Work with CX and Legal teams to provide appropriate responses to customers.
• Investigate internal security incidents, actual or suspected, to contain and understand the extent of any impact.  Invoke and manage the Security Incident Response Plan if necessary.  Perform root cause analysis and recommend security improvements to prevent recurrence.  
• Document standards defining requirements to meet operational security needs. Work with the other security teams to ensure these operational security standards are communicated and met across Xero.
• Help to define requirements to automate and continuously improve the efficiency of threat detection, alerting and response.
• Exploit security tools to continuously improve the detection, prevention and analysis of security incidents.
• Keep informed as to emerging security threats that have the potential to impact Xero and implement/recommend mitigating strategies. Utilize available threat intelligence sources to inform and improve attack detection techniques. 
• Help to develop and maintain security operations playbooks and runbooks in support of the Security Incident Response Plan.
• Support other Security Operations Analysts in developing skills relevant to their discipline, and help them in becoming the best versions of themselves. 
• Assist the team leader with various tasks including recruitment, training and development.
• Mentor product team members from other disciplines as needed about security operations and raise awareness of security and operational concerns as a key consideration of product development.

Success looks like:

• Timely investigation, containment and effective resolution of security incidents.
• Timely responses to security concerns and questions.
• Continuous improvement of tools and processes for incident detection, analysis and response

What you'll bring with you

• Incident management/coordination skills
• Working knowledge of security attack and defense techniques
• Ability to work as part of a team and able to take pride and ownership in your work
• Take initiative and have a passion for all things security
• Strong stakeholder management
• Good written and verbal communication skills
• You help to create a collaborative environment and empower others
• You’re a positive team player with a “can do” attitude
• You are a fast learner, detail oriented, decisive, and enjoys fast paced work environments


• Experience:
•  5+ years in a role in a security practice is preferential
• Experience in a security operations centre
• Recognized as a strong contributor in your current SOC

Why Xero?
At Xero we support many types of flexible working arrangements that allow you to balance your work, your life and your passions. We offer a great remuneration package with benefits that support a range of lifestyle choices and requirements  and the opportunity to participate in Xero’s success through our Long Term Incentive scheme. Xero has rapidly expanding offices in London, Milton Keynes and Manchester and our work environment encourages continuous improvement and career development. 
Our collaborative and inclusive culture is one we’re immensely proud of. We know that a diverse workforce is a strength that enables businesses, including ours, to better understand and serve customers, attract top talent and innovate successfully. We are a Stonewall Diversity Champion, and Disability Confident committed. So, from the moment you step through our doors, you’ll feel welcome and supported to do the best work of your life.