At Deliveroo, it is our mission to build the definitive food company. To do that, we're building a company where everyone can belong, grow, and do the best work of their lives.
As a Security Operations Automation Specialist (Security Operations Specialist), you'll be part of a growing Security Operations team focused on detecting attacks against an ever-advancing cyber threat landscape with automation at the heart of everything we do. You'll be responsible for engineering our security processes, supporting threat detection capabilities, and providing effective workflows for our incident response, forensics, and threat intelligence processes spanning the breadth of the cyber kill chain. While we have some practices in place, you'll need to help design and mature security processes and technology requirements across the business to support our security maturity journey best.
The role is a unique opportunity to be part of the overall Security strategy where you can harness our existing process and technology investments and bring new ways of working to help us protect our employees, customers, riders, and restaurants. As we continue to grow our business, your specialist capabilities will play a key part in our story.
What you'll be doing
Contributing to our real-time security threats and incidents processes, as part of the Security Operations and Response acting as a first security line-of-defense.
Developing detection and response use-cases leveraging our real-time security tooling capabilities and business processes to identify suspicious activity across Deliveroo's cloud-based and SaaS environments
Automating detection workflows for effective alert triage and IR management process to help mitigate, enrich and help respond to threats
Identifying threat detection domains based on frameworks (NIST, MITRE) and metrics derived from existing operations.
Collaborating with multiple stakeholders across the business to develop efficient security and time saving automation capabilities
Developing Infrastructure-as-code processes and contribute to the engineering of global security infrastructure configurations
Retaining security operations playbooks and guidance for threat cases used by the Security Operations and Response team
Supporting the development of orchestration and automation across key platforms to streamline security incident response processes
Keeping up to date with current security trends, advisories, publications, and security research across the threat landscape
Requirements
Demonstrable hands-on experience as part of Security Operations/Incident Response/Security Engineering/Automation teams using monitoring platforms and identifying efficient ways to triage real-time alerts
Proven experience building threat detection capabilities in a cloud-centric, fast-moving organization
Hands-on experience writing complex Splunk and SQL queries
Demonstrated experience in Automation/Coding experience i.e. Python, Go
Demonstrated experience with IaC configuration management i.e. Terraform, JSON, YAML/YARA-L
Practical experience operating defensive security solutions
Demonstrable experience in system administration, particularly across Linux
Proven knowledge of optimal cloud security configurations, particularly across AWS
Exceptional communication skills and a collaborative, knowledge-sharing mindset
Familiarity with security compliance standards and frameworks
Capable of working well both independently and collaboratively, while keeping calm under the pressure of an incident with a potentially high impact on the business
Experience in a DevOps environment with familiarity with CI/CD pipelines
Experience in operating-based platforms and usage of audit logging
Expert at distilling clarity from complex situations to brief stakeholders at all levels of technical knowledge
Supporting security incidents and also helping mentor and train more Security Analysts
Understaing security threats and attack vectors
Supporting and maintaining Security tooling
Coordinating with the UK central security function as needed
Preferred, but not required
Natural leadership with experience in technical project management
Able to act as lead incident handler when required and manage high-priority incidents
Experience in engineering solutions to/from data lakes, focusing on storage and retention
Experience with web and mobile app offensive security techniques
Experience with Google Workspace
Hands-on experience with container technologies and orchestration services
Knowledge of cloud security data encryption standards and principles
Why Deliveroo?
Our mission is to be the definitive food company. We are transforming the way the world eats by making food more convenient and accessible. We give people the opportunity to eat what they want, when and where they want it.
We are a technology-driven company at the forefront of the most rapidly expanding industry in the world. We are still a small team, making a very large impact, and seeking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and we are always looking for new ideas.
Workplace & Diversity
At Deliveroo, we know that people are the heart of the business, and we prioritize their welfare. We offer a wide range of competitive benefits in areas including health, family, finance, community, convenience, growth, and relocation.
We believe a great workplace represents the world we live in and how beautifully diverse it can be. That means we have no judgment when it comes to any one of the things that make you who you are - your gender, race, sexuality, religion, or a secret aversion to coriander. All you need is a passion for (most) food and a desire to be part of one of the fastest-growing startups in an incredibly exciting space.