Staff Security Engineer, IAM
Deliveroo3 weeks ago
Location
London - The River Building HQ
Type
Full Time
Level
Staff
Role
Security Engineer
Posted
Feb 18, 2026
Full TimeStaff
The role
Summary
Deliveroo seeks a Staff Security Engineer specializing in Identity & Access Management (IAM) to design and build scalable identity systems across their global technology platform. The role combines deep security engineering expertise with IAM domain knowledge, requiring hands-on development of integrations, automation, and secure-by-default access controls that protect millions of users while maintaining developer velocity.
What you'll do
IAM Architecture Design: Own and evolve Deliveroo's IAM architecture across identity providers, governance platforms, and cloud environments
Authentication & Authorization Systems: Design scalable solutions for authentication, authorization, provisioning, RBAC/ABAC, and privileged access management
Security Integration Development: Build custom integrations between IAM platforms and internal systems for seamless lifecycle management
Automation Engineering: Develop scalable automation across IAM services using modern programming languages and event-driven architectures
Cloud Security Implementation: Ensure IAM and security architecture aligns with cloud-native best practices across AWS, GCP, and Azure
Technical Leadership: Act as IAM subject matter expert, mentor engineers, and influence adoption of security best practices organization-wide
Access Governance: Drive improvements to access governance processes including certifications, segregation of duties controls, and policy enforcement
Self-Service RBAC: Design and implement self-service role-based access control capabilities with defined guardrails for business teams
Zero Trust Architecture: Support Zero Trust and secure-by-default principles across infrastructure and application layers
Cross-functional Collaboration: Partner with Security GRC, IT, and Engineering leadership to balance risk reduction with developer experience
What we look for
Technical
Programming LanguagesStrong experience in Go, Java, Scala, Python, or similar modern programming languages
IAM Systems DesignProven experience designing and operating identity and access management systems in cloud-first environments
Authentication ProtocolsDeep understanding of SAML, OAuth2/OIDC, SCIM, and multi-factor authentication methods
Identity PlatformsHands-on experience with Okta, Azure AD, Google Cloud Identity, or Active Directory
Identity GovernanceExperience with platforms like ConductorOne, SailPoint IdentityNow for lifecycle management and access reviews
Cloud IAMStrong understanding of AWS IAM, GCP IAM, and Azure RBAC
API IntegrationExperience building secure integrations using REST APIs and event-driven architectures
Security ArchitectureKnowledge of RBAC, ABAC, PAM, and Zero Trust architecture principles
Education
Technical BackgroundStrong technical education in computer science, software engineering, or related field preferred
Security CertificationsRelevant security certifications such as CISSP, CISM, or cloud security certifications are valuable
Experience
Software Engineering7+ years of experience in software or security engineering with significant hands-on technical depth
Cross-team LeadershipExperience leading significant cross-team security initiatives and influencing stakeholders
High-growth EnvironmentsExperience working in high-growth, cloud-native technology environments
Scalable SystemsProven ability to design resilient, scalable identity and security systems
Skills
Required skills
IAM ArchitectureDeep expertise in designing and implementing identity and access management systems at scale
Security EngineeringStrong background in security engineering with hands-on development experience
Cloud SecurityProficiency in cloud IAM across AWS, GCP, and Azure environments
ProgrammingAdvanced skills in Go, Java, Python, or similar languages for building security automation
Authentication ProtocolsExpert knowledge of SAML, OAuth2/OIDC, SCIM, and modern authentication methods
API DevelopmentExperience building and consuming REST APIs for security integrations
Technical LeadershipAbility to mentor engineers and influence technical decisions across teams
System ArchitectureStrong architectural thinking for designing resilient, scalable security systems
Nice to have
JIT Access ManagementExperience implementing Just-in-Time access or Privileged Access Management solutions
DevSecOpsExperience embedding IAM controls into CI/CD pipelines and developer workflows
Compliance FrameworksKnowledge of SOX, GDPR, PCI, and other regulatory compliance requirements
Container SecurityExperience with Docker, Kubernetes, and container orchestration security
Infrastructure as CodeProficiency with Terraform and GitOps for security infrastructure management
Compensation & benefits
Benefits
Healthcare
Comprehensive healthcare coverage and medical benefits
Well-being Programs
Employee wellness initiatives and mental health support
Parental Leave
Generous parental leave policies for new parents
Pension Scheme
Company pension contributions for long-term financial security
Annual Leave
Generous annual leave allowances for work-life balance
Charitable Time Off
Paid time off to support charitable causes of your choice
Diversity & Inclusion
Inclusive workplace culture celebrating diversity and individual differences
Professional Development
Opportunities for learning, growth, and career advancement in a fast-growing company
Interview process
- 1Initial Screening — Phone or video call with recruiter to discuss background, role expectations, and cultural fit
- 2Technical Assessment — Technical interview focusing on IAM concepts, security engineering experience, and system design capabilities
- 3Architecture Discussion — Deep-dive session on designing scalable IAM systems, discussing past implementations and architectural decisions
- 4Leadership Interview — Meeting with security leadership to assess technical leadership skills and strategic thinking
- 5Cross-functional Panel — Panel interview with stakeholders from engineering, IT, and compliance teams to evaluate collaboration skills
- 6Final Interview — Final discussion with senior leadership covering career goals, company culture fit, and role expectations
Apply for this position
You'll be redirected to the company's application page
More Jobs at Deliveroo
21 other open positions
Staff Code Quality Engineer
StaffLondon - The River Building HQ
Machine Learning Intern
InternLondon - The River Building HQ
Software Engineer, New Grad
JuniorLondon - The River Building HQ
Engineering Manager (Infra / Edge)
ManagerLondon - The River Building HQ
Engineering Manager (DevEx)
ManagerLondon - The River Building HQ
Deliveroo
View all jobs
Deliveroo is a British multinational online food delivery company operating a platform for ordering from restaurants and grocers.
London, England, United KingdomFounded 2013deliveroo.co.uk
Tech Stack
Languages
GoJavaPythonJavaScriptScala
Frameworks
OAuth2/OIDCSAMLSCIMREST APIsEvent-driven architectures
Databases
Identity directoriesCloud-native databases
Tools
OktaAzure ADGoogle Cloud IdentityConductorOneSailPoint IdentityNowAWS IAMGCP IAMAzure RBACTerraformDockerKubernetes
Other
CI/CD pipelinesGitOpsWebhooksMulti-factor authentication
Interview Guides
12 guides available for Deliveroo
Apply Now