Why Deliveroo
Our mission is to transform the way you shop and eat, bringing the neighbourhood to your door by connecting consumers, restaurants, shops and riders. We are transforming the way the world eats and shops by making access to food and products more convenient and enjoyable. We give people the opportunity to buy what they want, as they want it, when and where they want it.
We are a technology-driven company at the forefront of the most rapidly expanding industry in the world. We are still a small team, making a very large impact, looking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and we are always looking for new ideas.
About the role:
As a Staff Corporate Security Engineer, you are the technical anchor for our internal security posture. At the Staff level, we expect you to look 12 to 24 months ahead, define the architectural vision for our corporate systems, and lead organisation-wide security initiatives from concept to deployment.
You will tackle the most ambiguous and complex security challenges our company faces. You will be responsible for evaluating "build vs. buy" decisions, designing multi-layered security controls, and aligning our technical security strategy with overall business goals. Rather than just operating tools, you will architect the integrations between our Identity Providers, endpoint security platforms, and internal cloud infrastructure to ensure our enterprise is resilient against advanced threats.
Responsibilities:
Technical Vision & Strategy: Define and own the long-term technical roadmap for corporate security architecture. Transition legacy systems to modern, frictionless security models (e.g., passwordless authentication, Zero Trust Network Access).
Identity & Access Management (IAM): Be the focal point for engineering and business best practices, aligned with IAM technical leads. Developing resilient and security rich identity controls across ecosystems.
Endpoint & Mobile Security: Design the fleet security strategy for thousands of devices. You will engineer deep integrations between Mobile Device Management (Jamf Pro, Microsoft Intune, Workspace ONE) and EDR/XDR platforms (CrowdStrike, SentinelOne, Microsoft Defender) to enforce automated device trust and compliance.
Network & SASE Architecture: Lead the design and global deployment of Secure Access Service Edge (SASE) and ZTNA networks (Zscaler, Palo Alto Prisma Access, Cloudflare One, Tailscale) to securely connect our distributed workforce to internal applications without relying on legacy VPNs.
Security Operations & Engineering: Build out high-signal threat detection pipelines. You will design the architecture for our security data lake and SIEM/SOAR capabilities using tools like Splunk, Panther, Elastic Security, or Tines/Torq for automated incident response.
Cloud & SaaS Security: Secure our internal cloud footprint (AWS, GCP, or Azure) and implement SaaS Security Posture Management (SSPM) tools to monitor third-party app integrations and prevent corporate data loss.
Engineering Excellence: Set the standard for code quality and infrastructure-as-code (IaC) within the security team. Use Python, Go, Terraform, or Pulumi to build custom automation where off-the-shelf products fail.
Sponsorship & Mentorship: Actively sponsor and mentor senior (I5) and mid-level engineers. Write technical standards, lead architecture reviews, and raise the overall engineering capability of the Information Security organisation.
Minimum Qualifications:
Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.
8+ years of hands-on experience in Security Engineering, Corporate Security, or Architecture roles.
Proven track record of operating at a Staff/Principal level, successfully leading multi-quarter, cross-functional engineering projects.
Expert-level understanding of IAM architecture, modern authentication standards, and Zero Trust principles.
Deep technical experience designing and deploying SASE/ZTNA solutions and enterprise EDR platforms at scale.
Advanced proficiency in at least one programming language (Python, Go) and extensive experience with Infrastructure as Code (Terraform, Pulumi).
Strong executive communication skills; ability to justify technical decisions and budget requests to non-technical leadership.
Preferred Qualifications:
10+ years of overarching cybersecurity experience in high-growth or complex enterprise environments.
Experience managing the technical integration of corporate security systems during Mergers & Acquisitions (M&A).
Deep understanding of OS internals across macOS, Windows, and Linux to guide advanced endpoint threat detection engineering.
Experience designing centralized logging and threat detection pipelines handling massive data volumes (using tools like Splunk, Snowflake, or Panther).
Advanced security certifications (e.g., CISSP-ISSAP, GIAC Enterprise Defender, or equivalent architectural certifications).
Workplace & Benefits
At Deliveroo we know that people are the heart of the business and we prioritise their welfare. Benefits differ by country, but we offer many benefits in areas including healthcare, well-being, parental leave, pensions, and generous annual leave allowances, including time off to support a charitable cause of your choice. Benefits are country-specific, please ask your recruiter for more information.
Diversity
At Deliveroo, we believe a great workplace is one that represents the world we live in and how beautifully diverse it can be. That means we have no judgement when it comes to any one of the things that make you who you are - your gender, race, sexuality, religion or a secret aversion to coriander. All you need is a passion for (most) food and a desire to be part of one of the fastest-growing businesses in a rapidly growing industry.
We are committed to diversity, equity and inclusion in all aspects of our hiring process. We recognise that some candidates may require adjustments to apply for a position or fairly participate in the interview process. If you require any adjustments, please don't hesitate to let us know. We will make every effort to provide the necessary adjustments to ensure you have an equitable opportunity to succeed.