Senior Security Engineer

Deliveroo2 weeks ago

Location

London - The River Building HQ

Type

Full Time

Level

Senior

Role

Security Engineer

Posted

Feb 24, 2026

Full TimeSenior

The role

Summary

Deliveroo is seeking a Senior Security Engineer to lead corporate security initiatives across their global operations. This role focuses on Identity and Access Management, endpoint security, network security, and secure SaaS enablement, requiring 5+ years of security engineering experience and expertise in modern authentication standards, cloud platforms, and infrastructure-as-code.

What you'll do

Security Architecture Design: Design, deploy, and maintain core corporate security controls including phishing-resistant MFA, Just-In-Time access, and zero-trust architectures

Technical System Ownership: Serve as technical owner for corporate security systems, managing deployments, configurations, and API integrations

Strategic Technical Leadership: Lead technical strategy for Endpoint Device trust, Data Loss Prevention, IP storage, and SaaS application security

Automation Development: Write scripts and build tools to automate security workflows, incident response tasks, and compliance audit evidence collection

Cross-Functional Integration: Collaborate with IT and business operations to integrate security tools into everyday workflows and establish secure baselines

Team Mentorship: Mentor junior and mid-level engineers while improving team engineering standards and explaining technical concepts to non-technical staff

Global Security Operations: Work with security teams across US, EU, and APAC regions to deliver risk reduction and control maturation objectives

Compliance Framework Alignment: Ensure security controls align with CIS Critical Security Controls and NIST Cybersecurity Framework standards

What we look for

Technical

IAM Platform AdministrationHands-on experience with Identity and Access Management platforms like Okta and Google Workspace

Cloud Platform SecurityPractical experience securing AWS and GCP cloud environments

Infrastructure-as-CodeRelevant experience with Terraform for automated security control deployment

Modern Authentication StandardsImplementation experience with FIDO2, WebAuthn, SAML, OAuth 2.0, and OpenID Connect

Endpoint Security ManagementPractical experience securing macOS, Windows, and Linux endpoints using MDM and EDR/XDR tooling

SIEM/SOAR OperationsExperience operating Security Information and Event Management and Security Orchestration platforms

Vulnerability ManagementExperience with vulnerability assessment and patch governance processes

Automation ScriptingAbility to write production-quality automation scripts for security operations

Education

Bachelor's DegreeDegree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience

Experience

Security Engineering Experience5+ years in Security Engineering, Corporate Security, Detection & Response, or related security field

Technical Leadership ExperienceDemonstrated experience leading cross-functional technical security initiatives

High Autonomy OperationsAbility to operate with high degree of autonomy, defining technical direction and making architectural decisions

Skills

Required skills

Identity and Access ManagementDeep expertise in IAM platforms including Okta and Google Workspace administration

Cloud SecurityHands-on security implementation experience across AWS and GCP platforms

Infrastructure-as-CodeTerraform proficiency for automated security infrastructure deployment

Authentication ProtocolsModern authentication standards including FIDO2, WebAuthn, SAML, OAuth 2.0, and OpenID Connect

Endpoint SecurityMulti-platform endpoint security using MDM and EDR/XDR tools across macOS, Windows, and Linux

Security OperationsSIEM and SOAR platform operations with detection logic tuning capabilities

Automation EngineeringProduction-quality scripting for security workflow automation and incident response

Technical LeadershipProven ability to lead cross-functional technical initiatives and mentor engineering teams

Nice to have

Zero Trust ArchitectureExperience with SASE or Zero Trust Network Access platform implementations

Container SecurityHands-on experience deploying security applications in Kubernetes and Docker environments

Data Loss PreventionDLP solution implementation and SaaS security governance experience

Advanced Detection EngineeringSOAR playbook development and advanced security detection engineering

Compliance FrameworksExperience supporting ISO 27001 or SOC 2 audit processes

Security CertificationsProfessional certifications such as CISSP, CISM, or GIAC credentials

Compensation & benefits

Benefits

Healthcare Coverage

Comprehensive healthcare benefits package

Well-being Support

Dedicated well-being programs and resources

Parental Leave

Generous parental leave policies for new parents

Pension Scheme

Company pension contribution programs

Annual Leave

Generous annual leave allowances including time off for charitable causes

Country-Specific Benefits

Additional benefits that vary by location, with comprehensive packages tailored to local standards

Interview process

1
Initial Screening — Phone or video call with recruiter to discuss background, experience, and role fit
2
Technical Assessment — Technical interview focusing on security architecture, IAM systems, and cloud security practices
3
Scenario-Based Interview — Deep-dive discussion on real-world security challenges, incident response, and architectural decision-making
4
Leadership & Culture Fit — Behavioral interview assessing mentorship capabilities, cross-functional collaboration, and cultural alignment
5
Final Round — Senior stakeholder interview with security leadership team and potential cross-functional partners