Deliveroo
Senior Security Engineer, IAM

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Why Deliveroo
Our mission is to transform the way you shop and eat, bringing the neighbourhood to your door by connecting consumers, restaurants, shops, and riders. We are transforming how the world eats and shops by making access to food and products more convenient and enjoyable. We give people the opportunity to buy what they want, as they want it, when and where they want it.
We are a technology-driven company at the forefront of one of the most rapidly expanding industries in the world. We are still a small team, making a very large impact, looking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and forever seek new ideas.
About The Role
We are seeking a Senior Security Engineer (L5) with deep expertise in Identity & Access Management (IAM) to help design, build, and evolve our identity, authentication, and access control capabilities across the organisation.
This is a hands-on senior engineering role within Corporate Security Engineering. You will act as a technical leader across IAM and broader security engineering initiatives—designing scalable identity systems, building secure-by-default access controls, and developing internal integrations and automation to materially improve our risk posture.
You'll combine robust security engineering capability with deep IAM domain knowledge, influencing architectural decisions, mentoring engineers, and partnering with teams across engineering, IT, compliance, and product.
What You'll Be Doing
Identity & Access Architecture
- Own and evolve Deliveroo’s IAM architecture across identity providers (e.g., Okta, Azure AD, Google Cloud Identity), identity governance (e.g., ConductorOne, SailPoint IdentityNow), and cloud IAM (AWS/GCP).
- Design scalable solutions for authentication, authorization, provisioning, deprovisioning, RBAC/ABAC, Just-in-Time (JIT) access, and Privileged Access Management (PAM).
- Drive improvements to access governance processes, including certifications, Separation of Duties (SoD) controls, and policy enforcement.
- Lead technical implementations and integrations between domains, ensuring adherence to engineering core principles.
- Develop "Paved Roads" for stakeholders, enforcing IAM best practices across teams.
Security Engineering
Deliveroo leverages best-in-class security and IAM tooling. In this role, you'll maximise their value by designing custom integrations, middleware, and accompanying automation.
Includes:
- Developing bespoke integrations between IAM platforms and internal systems for seamless lifecycle management and access governance.
- Building middleware solutions to address edge cases (e.g., automated group creation in environments where authoritative HR data gaps exist).
- Designing and implementing self-service RBAC capabilities that enable business teams to manage roles within defined guardrails.
- Creating automation layers to enhance ROI from commercial tooling by reducing manual effort and embedding controls into engineering workflows.
- Extending off-the-shelf platforms with APIs, event-driven services, and workflow orchestration to meet Deliveroo’s scale and complexity.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
You’ll focus on ensuring purchased tools are deeply integrated, automated, and aligned with our broader security architecture.
Automation & Integration
- Build scalable automation across IAM services using programming languages like Go, Java, Python, or JavaScript.
- Develop and maintain integrations using REST APIs, SCIM, webhooks, and event-driven architectures.
- Embed IAM controls into CI/CD pipelines and infrastructure-as-code environments.
- Improve reliability and reduce manual operational burden through engineering-led solutions.
Cloud & Platform Security
- Work across AWS, GCP, or Azure environments to align IAM and security architecture with cloud-native best practices.
- Design and review IAM roles, policies, and trust boundaries in cloud settings.
- Support Zero Trust and secure-by-default principles across infrastructure and application layers.
Technical Leadership & Influence
- Serve as a subject matter expert in IAM across the organisation.
- Mentor and support engineers in secure design, IAM protocols, and security engineering practices.
- Collaborate with Security GRC, IT, and Engineering leadership to balance risk reduction with developer experience.
- Influence adoption of best practices in authentication, authorization, and access governance.
Requirements
- 5+ years of experience in software or security engineering, with significant hands-on technical depth.
- Proficiency in a modern programming language (Go, Java, Scala, Python, etc.).
- Strong experience designing and operating IAM systems in cloud-first environments.
- Deep understanding of authentication and authorization protocols:
- SAML
- OAuth2 / OpenID Connect (OIDC)
- SCIM
- Multi-Factor Authentication (MFA) and modern identity assurance methods.
- Hands-on experience with identity providers and directories, such as Okta, Azure AD, Google Cloud Identity, or Active Directory.
- Experience with identity governance platforms like ConductorOne, SailPoint IdentityNow, including lifecycle management, access reviews, and Attribute-Based Access Control (ABAC).
- Knowledge of cloud IAM (AWS, GCP, Azure).
- Skills in building secure integrations and automation using REST APIs and event-driven architectures.
- Experience leading cross-team security initiatives.
- Strong architectural thinking with the ability to design resilient, scalable systems.
- Excellent communication skills able to influence cross-functional stakeholders and drive adoption of secure design patterns.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Nice to Have
- JIT access or Privileged Access Management (PAM) tool experience.
- Knowledge in embedding IAM controls into developer workflows (e.g., Terraform, CI/CD, GitOps).
- Work with regulated environments (SOX, GDPR, PCI).
- Experience in containerisation and orchestration (Docker, Kubernetes).
How You’ll Make An Impact
- Scalable, automated, and secure-by-default identity and access systems.
- Higher return on investment (ROI) for IAM tooling through integrations and automation.
- Reduced manual access management effort via engineering solutions.
- Deep IAM integrations into cloud and engineering workflows.
- Adoption of authentication and authorization best practices across the company.
- Improved security posture without hampering developer velocity.
Why This Role Is Exciting
This is a chance to shape IAM and security engineering at scale within a global technology firm. You will influence foundational systems protecting millions of users, work on high-impact security integrations, and contribute to long-term identity and access strategy definitions.
You'll operate at the intersection of security architecture, software engineering, and cloud platform design, tackling complex challenges while ensuring seamless identity access across the organisation.
Workplace & Benefits
At Deliveroo, our people are invaluable. Benefits vary by location but typically include:
- Healthcare
- Well-being support
- Parental leave
- Pensions
- Generous annual leave (including time to volunteer for a cause you choose).
Benefits are country-specific—ask your recruiter for more details.
Diversity
Deliveroo believes diversity fuels a thriving workplace, mirroring the richness of the broader world. We celebrate differences—gender, race, sexuality, religion, or that elusive dislike for coriander. A passion for food (most of it) and the intent to contribute to one of the fastest-growing businesses in a thriving industry are required.
We are dedicated to diversity, equity, and inclusion—prioritising fairness in hiring and throughout. If adjustments are needed to apply or participate in interviews, please notify us. We’ll ensure fair representation and equitable opportunities for everyone.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location