Security Engineer
Xero.com
Office
Copenhagen
Full Time
Scheduling isn't simply filling shifts. It's finding the sweet spot that enables businesses to grow and team members to enjoy the perfect work/life balance.
At Planday from Xero, we aim to use Agentic AI to build a future where managers can seamlessly free up invaluable time for their business and teams. We're not just building software: we're on a mission to make shift work more human, to change work/life balance from a luxury to a reality for all shift workers. We're using advanced technology to help humans reach their full potential. At work and in life.
Founded in 2004, Planday is headquartered in Copenhagen, Denmark and helps create perfect schedules for hundreds of thousands of users across the world.
How you’ll make an impact
As a Security Engineer, you’ll play a key role in strengthening our security posture across infrastructure, applications, and operations. You’ll bring technical expertise and practical experience to proactively address findings from security audits and penetration tests reports, findings from internal tooling and manage vulnerabilities, and improve threat intelligence capabilities across the platform. Your work will directly reduce risk and ease the security burden on product and engineering teams. By embedding with Platform Engineering, you’ll ensure that security measures are not just theoretical but implemented and effective in practice. Strong collaboration with product and engineering teams is paramount to improve secure development practices, and designing and maintaining secure cloud architectures. Embedding security into Planday’s SDLC and ensuring software is designed, developed, and deployed securely would be an additional objective.
At Planday, we firmly believe that diversity and inclusion are the cornerstones of innovation and a vibrant workplace culture, and we highly value the strength that diverse backgrounds offer.
As an equal opportunity employer, we strive to create an equitable experience for all our candidates throughout the process. Please let us know if you need reasonable accommodation during the application or interview process.
All applicants will be considered for employment without attention to any personal characteristics.
At Planday from Xero, we aim to use Agentic AI to build a future where managers can seamlessly free up invaluable time for their business and teams. We're not just building software: we're on a mission to make shift work more human, to change work/life balance from a luxury to a reality for all shift workers. We're using advanced technology to help humans reach their full potential. At work and in life.
Founded in 2004, Planday is headquartered in Copenhagen, Denmark and helps create perfect schedules for hundreds of thousands of users across the world.
How you’ll make an impact
As a Security Engineer, you’ll play a key role in strengthening our security posture across infrastructure, applications, and operations. You’ll bring technical expertise and practical experience to proactively address findings from security audits and penetration tests reports, findings from internal tooling and manage vulnerabilities, and improve threat intelligence capabilities across the platform. Your work will directly reduce risk and ease the security burden on product and engineering teams. By embedding with Platform Engineering, you’ll ensure that security measures are not just theoretical but implemented and effective in practice. Strong collaboration with product and engineering teams is paramount to improve secure development practices, and designing and maintaining secure cloud architectures. Embedding security into Planday’s SDLC and ensuring software is designed, developed, and deployed securely would be an additional objective.
What You’Ll Do
- Responsible for enhancing security posture using advanced threat intelligence solutions for swift detection of malicious threats.
- Collect, analyze, and operationalize real-time threat intelligence feeds to identify emerging risks and adversary tactics and translating these into concrete action points.
- Integrate threat intelligence into security operations to anticipate and respond to threats faster, minimize vulnerabilities, and protect critical systems, platform, and data.
- Be the main technical capacity for information security incidents and help improve incident response workflows.
- Act as a subject matter expert on technical security topics.
- Ensure a security-first approach in all delivery pipelines.
- Write security documentation and provide technical guidance on risk mitigation.
- Platform Engineering is your home but helping other teams on security topics will be a common task as well.
- Influence tooling decisions, vendor selection, and process improvements in alignment with company-wide security goals.
- Collaborate closely with the Legal & Security team to provide expert technical security support.
What You’Ll Bring To The Role
- Solid experience in SIEM and Incident Response.
- Hands-on experience in security engineering or related technical security roles.
- Expertise in cloud platforms (Microsoft Azure), including IAM, networking, monitoring, and data protection.
- Curious, collaborative, and practical mindset.
- Good grasp of modern attack vectors, vulnerability management, and secure software development practices.
- Practical experience with infrastructure-as-code and CI/CD pipelines.
- Good scripting/coding or automation skills in languages like dotnet and typescript.
- Ability to communicate technical security risks and topics to both technical and non-technical audiences.
- Demonstrate high autonomy by transparently prioritizing and effectively managing multiple initiatives..
- Experience with general scripting (Bash, Powershell, Terraform) is a plus.
- Experience working with SaaS products is a plus.
Success Looks Like
- Security is seamlessly integrated into Planday’s software development lifecycle.
- Automated security testing and secure coding practices are widely adopted across engineering teams.
- Threat intelligence and security processes are actively used to detect and mitigate risk.
- Findings from audits and pen tests are resolved in a timely, structured way, either through delegation of work or direct contribution.
- Engineering teams have access to reusable security tooling and clear guidance.
- Engineering teams feel empowered and supported in delivering secure applications.
- Security threats are proactively identified and mitigated using cloud managed security automation tooling and monitoring.
- Security is proactively addressed at the design stage, reducing the need for last-minute fixes.
- Vulnerabilities are identified, triaged, and remediated efficiently, with clear prioritization based on risk.
- Security incidents are reduced, and response processes are faster and more effective.
- Security testing is implemented and secure code principles are being followed by the teams.
- Development and product teams view security as an enabler, not a blocker.
- The organization has a clear, technically sound approach to securing its infrastructure and applications
At Planday, we firmly believe that diversity and inclusion are the cornerstones of innovation and a vibrant workplace culture, and we highly value the strength that diverse backgrounds offer.
As an equal opportunity employer, we strive to create an equitable experience for all our candidates throughout the process. Please let us know if you need reasonable accommodation during the application or interview process.
All applicants will be considered for employment without attention to any personal characteristics.
Security Engineer
Office
Copenhagen
Full Time
October 10, 2025