The role and it's impact
As a Senior Engineer in the Enterprise Identity team, you’ll be hands-on operating and improving the workforce identity platform, while actively mentoring teammates and fostering a culture of technical excellence.
You will lead technical direction, standards, and automation to deliver secure, low‑friction access at scale across Xero. You’ll combine deep domain ownership with collaborative problem-solving to reduce operational overheads, strengthen assurance, and empower the wider team to operate with greater autonomy and clarity.
The team and how they connect
The Enterprise Identity team is responsible for uplifting and operating internal access services, including workforce IAM, enterprise SSO, and directory services. We work closely with Xero Security and Production Platform teams to resolve complex incidents and ensure our workforce identity platform remains seamless and secure.
The team is currently working on
Evolving enterprise SSO on Okta, including application integrations and authentication policies aligned to risk.
Managing the lifecycle of directory services like Active Directory and secure remote access infrastructure.
Developing event-driven automation and ChatOps bots using Python and AWS Lambda to reduce manual effort.
Uplifting multi-factor authentication using Duo Security and Okta to meet business and compliance requirements.
Where and how you can work
We’re a team split across Wellington and Auckland, this role can be based anywhere in New Zealand. We feel our working environment allows you to do the best work of your life, supported by a diverse team that respects and challenges you.
Here are some of the things we are looking for
You bring deep expertise in operating enterprise IAM systems with a focus on improving reliability and usability.
Your background includes integrating SSO using SAML and OIDC patterns with identity providers such as Okta.
You have a natural inclination toward an automation-first mindset, using tools like Python, Terraform, and CI/CD to reduce toil.
Experience managing directory services and privileged access patterns in large-scale environments is something you can demonstrate.
You enjoy mentoring other engineers, reviewing code, and championing modern engineering standards within a team.
An understanding of MFA technologies and policy-based access controls helps you align technical solutions to enterprise risk.
Apply even if your experience isn't a perfect match! At Xero, we hire based on your skills, passion, and the unique perspective you can bring to enhance our culture and team.
Top Skills
Xero Denver, Colorado, USA Office
Headquarters for the Americas, the sleek and modern Denver office is in the heart of the Platte Street area and right near the scenic Platte River.
Similar Jobs at Xero
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
