Why Deliveroo

Our mission is to transform the way you shop and eat, bringing the neighbourhood to your door by connecting consumers, restaurants, shops and riders. We are transforming the way the world eats and shops by making access to food and products more convenient and enjoyable. We give people the opportunity to buy what they want, as they want it, when and where they want it.

We are a technology-driven company at the forefront of the most rapidly expanding industry in the world. We are still a small team, making a very large impact, looking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and we are always looking for new ideas.

About the Role

As a Senior Corporate Security Engineer, you will lead the design and operation of security controls that protect our internal networks, workforce identities, endpoints and corporate systems. You will be working globally with security teams across US, EU and APAC, delivering against our goals and objectives - reducing risk and maturing controls.

As a Senior, you will operate with a high degree of autonomy. You will define technical direction, make architectural decisions, and deliver complex security initiatives end-to-end. You will be expected to balance risk reduction with usability, ensuring controls are robust without impeding employee productivity.

This role focuses on Identity and Access Management (IAM), Endpoint security (EDR), Network Security, logging and detection engineering, and secure SaaS enablement. You will work closely with IT, Legal, Privacy, Engineering and business stakeholders to embed security as a default practice across the organisation.

Security controls will be aligned to recognised frameworks such as the CIS Critical Security Controls and the NIST Cybersecurity Framework (CSF).

Key Responsibilities

• Architecture & Control Implementation: Design, deploy, and maintain core corporate security controls, including phishing-resistant MFA, Just-In-Time (JIT) access, strict role-based access control (RBAC), zero-trust architectures, device and identity bound proofing and modern network isolation.

• Tooling Ownership: Serve as the technical owner for a broad suite of corporate security systems, managing deployments, configurations, and API integrations for tools across the corporate environment.

• Technical Leadership: Lead and implement the technical strategy for Endpoint Device trust, Data Loss Prevention, Intellectual property storage, and SaaS application security. Alongside wider corporate security technical controls.

• Automation & Engineering: Write scripts and build tools to automate security workflows, incident response tasks, and audit evidence collection for compliance.

• Cross-Functional Collaboration: Work with IT and business operations to integrate security tools into everyday workflows. Guide non-security teams to adopt secure baselines (e.g., CIS Benchmarks) as standard practice.

• Mentorship: Mentor junior and mid-level engineers, explain technical concepts clearly to non-technical staff, and help improve the team's engineering standards.
  

Minimum Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.

• 5+ years’ experience in Security Engineering, Corporate Security, Detection & Response, or a related field.

• Hands-on experience administering IAM platforms (e.g. Okta, GoogleWorkspace).

• Deep hands-on experience with GoogleWorkspace products

• Practical hands-on experience with Cloud platforms (e.g AWS, GCP)

• Relevant and practical experience with Infrastructure-as-code (e.g Terraform)

• Experience implementing modern authentication standards (FIDO2, WebAuthn, SAML, OAuth 2.0, OpenID Connect).

• Practical experience securing macOS, Windows and Linux endpoints using MDM and EDR/XDR tooling.

• Experience operating SIEM and/or SOAR platforms and tuning detection logic.

• Experience with vulnerability management and patch governance.

• Ability to write production-quality automation scripts.

• Demonstrated experience leading cross-functional technical initiatives.

Desirable Skills

• Experience with SASE or Zero Trust Network Access platforms.

• Hands on experience deploying applications into K8 and Docker environments

• Data Loss Prevention (DLP) and SaaS security governance.

• Advanced detection engineering or SOAR playbook development.

• Experience supporting ISO 27001 or SOC 2 audits.

• Relevant certifications (e.g. CISSP, CISM, GIAC).

Workplace & Benefits

At Deliveroo we know that people are the heart of the business and we prioritise their welfare. Benefits differ by country, but we offer many benefits in areas including healthcare, well-being, parental leave, pensions, and generous annual leave allowances, including time off to support a charitable cause of your choice. Benefits are country-specific, please ask your recruiter for more information.

Diversity

At Deliveroo, we believe a great workplace is one that represents the world we live in and how beautifully diverse it can be. That means we have no judgement when it comes to any one of the things that make you who you are - your gender, race, sexuality, religion or a secret aversion to coriander. All you need is a passion for (most) food and a desire to be part of one of the fastest-growing businesses in a rapidly growing industry.

We are committed to diversity, equity and inclusion in all aspects of our hiring process. We recognise that some candidates may require adjustments to apply for a position or fairly participate in the interview process. If you require any adjustments, please don't hesitate to let us know. We will make every effort to provide the necessary adjustments to ensure you have an equitable opportunity to succeed.