CrawlJobs Logo

Staff Security Engineer, IAM

deliveroo.co.uk Logo

DELIVER

Location Icon

Location:
United Kingdom , London

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a Staff Security Engineer (L6) with deep expertise in Identity & Access Management (IAM) to help design, build, and evolve our identity, authentication, and access control capabilities across the organisation. This is a hands-on senior engineering role within Corporate Security Engineering. You will act as a technical leader across IAM and broader security engineering initiatives - designing scalable identity systems, building secure-by-default access controls, and developing internal integrations and automation that materially improve our risk posture. You will combine strong security engineering capability with deep IAM domain knowledge, influencing architectural decisions, mentoring engineers, and partnering with stakeholders across engineering, IT, compliance, and product teams.

Job Responsibility:

  • Own and evolve Deliveroo’s IAM architecture across identity providers (e.g., Okta, Azure AD, Google Cloud Identity), identity governance (e.g., ConductorOne, SailPoint IdentityNow), and cloud IAM (AWS/GCP)
  • Design scalable solutions for authentication, authorisation, provisioning, deprovisioning, RBAC/ABAC, JIT access, and privileged access management
  • Drive improvements to access governance processes including certifications, SoD controls, and policy enforcement
  • Lead implementations and technical integrations between domains, ensuring engineering core principles are adhered to
  • Develop ‘Paved Roads’ for stakeholders enforcing IAM best good practices to teams
  • Developing bespoke integrations between IAM platforms and internal systems to ensure seamless lifecycle management and access governance
  • Building middleware solutions to address edge cases (e.g. automated group creation where authoritative HR data does not exist)
  • Designing and implementing self-service RBAC capabilities that enable business teams to manage roles within defined guardrails
  • Creating automation layers that enhance ROI from commercial tooling by reducing manual effort and embedding controls into engineering workflows
  • Extending off-the-shelf platforms with APIs, event-driven services, and workflow orchestration to meet Deliveroo’s scale and complexity
  • Build scalable automation across IAM services using modern programming languages (e.g., Go, Java, Python, JavaScript)
  • Develop and maintain integrations using REST APIs, SCIM, webhooks, and event-driven architectures
  • Embed IAM controls into CI/CD pipelines and infrastructure-as-code environments
  • Improve reliability and reduce manual operational burden through engineering-led solutions
  • Work across AWS, GCP, or Azure environments to ensure IAM and security architecture aligns with cloud-native best practices
  • Design and review IAM roles, policies, and trust boundaries in cloud environments
  • Support Zero Trust and secure-by-default principles across infrastructure and application layers
  • Act as a subject matter expert in IAM across the organisation
  • Mentor and support engineers in secure design, IAM protocols, and security engineering practices
  • Partner with Security GRC, IT, and Engineering leadership to balance risk reduction with developer experience
  • Influence adoption of best practices across authentication, authorisation, and access governance

Requirements:

  • 7+ years of experience in software or security engineering, with significant hands-on technical depth
  • Strong experience in at least one modern programming language (Go, Java, Scala, Python, or similar)
  • Proven experience designing and operating IAM systems in a cloud-first environment
  • Deep understanding of authentication and authorisation protocols: SAML, OAuth2 / OIDC, SCIM, MFA and modern identity assurance methods
  • Experience with identity providers and directories such as Okta, Azure AD, Google Cloud Identity, or Active Directory
  • Hands-on experience with identity governance platforms (e.g., ConductorOne, SailPoint IdentityNow), including lifecycle management, access reviews, and ABAC models
  • Strong understanding of cloud IAM (AWS IAM, GCP IAM, Azure RBAC)
  • Experience building secure integrations and automation using REST APIs and event-driven architectures
  • Experience leading significant cross-team security initiatives
  • Strong knowledge of RBAC, ABAC, PAM, and Zero Trust architecture principles
  • Experience working in high-growth, cloud-native environments
  • Strong architectural thinking and ability to design resilient, scalable systems
  • Excellent communication skills with the ability to influence cross-functional stakeholders and drive adoption of secure design patterns

Nice to have:

  • Experience implementing or integrating Just-in-Time (JIT) access or Privileged Access Management tooling
  • Experience embedding IAM controls into developer workflows (Terraform, CI/CD, GitOps)
  • Experience in regulated environments (SOX, GDPR, PCI)
  • Containerisation and orchestration experience (Docker, Kubernetes)
What we offer:
  • 25 days annual leave plus bank holidays, increasing with length of time spent working at Deliveroo
  • One day of paid leave per year to volunteer with a registered charity
  • Funded single cover healthcare on our core plan, with the option to add family members at own cost
  • On-site gym (HQ), discounted external gym membership
  • Access to wellbeing apps such as LesMills+, Strava, Headspace, Yogaia via GymPass
  • Discounted dental insurance and a range of other flexible benefits, such as critical illness cover, partner life cover, travel insurance, health assessments
  • Life assurance
  • Maternity, paternity and maternity and shared parental leave, eligible from day one of employment
  • Excellent kit to enable working from home and a parent-friendly working culture
  • Access to free mortgage advice
  • Cycle to Work Scheme or Season Ticket Loans, depending how you wish to travel
  • Excellent learning and development opportunities and access to RooLearn, our learning platform, packed with high-quality training and content
  • Regular Employee Resource Group (ERG) led social events – examples include dinners, dance lessons and in-office yoga sessions
  • Summer and end-of-year parties
  • Free Deliveroo Plus: free delivery and access to special offers
  • Team lunches from the best local restaurants
  • Up to 5% matched pension contributions

Additional Information:

Job Posted:
February 21, 2026

Icon
DELIVER - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Staff Security Engineer, IAM

Security Engineer

Location
Location
Salary
Salary:
Not provided
ryzlabs.com Logo
Ryz Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years total technical or security engineering experience with security focus
  • 2+ years of AWS or GCP experience implementing security and hardening activities, especially in a large or complex environments
  • 2+ years working in a CI/CD DevSecOps environment (Jenkins, Travis, Jira, GitHub, GitLab, etc.)
  • Experience with IAM solutions such as Okta and deep knowledge of AWS or GCP IAM and how to configure and maintain least-privilege and segregation of duty across boundaries
  • Knowledge and experience with EC2, ECS, S3, LBS, API Gateways, Bastion Hosts, VPC, Cloud Trail, Cloud Watch, Data Dog, SIEM and other cloud technologies
Job Responsibility
Job Responsibility
  • collaborate with our customers and suppliers to model security requirements against cloud capabilities
  • work closely with engineering teams, program management and senior stakeholders to translate requirements into achievable designs that raise the bar
  • function across teams ensuring that the strategic architecture is met across design, implementation, deployment and operation
  • playing a key role in defining the mechanisms that the company will use to validate how services are meeting all the security operational controls
  • work closely with the product and platform engineering teams to architect, implement, and operate effective cloud security controls
  • Partner with internal IT & Product Engineering stakeholders to assess gaps in products and platforms, design mitigating controls, and train and educate staff on remediations
  • Partner with the Business Technology and IAM teams to build a new Access Management and User Access Review system based on Lumos
  • Maintain inventory of cloud assets and ensure secure bootstrapping of deployed assets while monitoring for drift and potential threats across product engineering environment
  • Design and build the security components of the next phase of Sonder Security Roadmap
Read More
Arrow Right

Staff IAM Architect

We are currently seeking a Sr. IAM Architect to join our growing Information Sec...
Location
Location
Canada
Salary
Salary:
Not provided
addepar.com Logo
Addepar
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of general Information Security experience
  • At least 5 years focused on Identity & Access Management
  • Bachelor’s degree/equivalent or higher (Computer Science or Engineering preferred)
  • In-Depth Experience with Identity & Access Management tools
  • Familiar with IT Governance and Compliance functions (SOC2, Data Governance)
  • Familiar with Security Operations Center (SOC) and Vulnerability management functions
  • Skilled at developing process maps and translating processes to technical/system requirements
  • Attention to details and analytical skills
  • Ability to build strong relationships and work collaboratively
  • Excellent verbal and written communication and organisational skills
Job Responsibility
Job Responsibility
  • Provide strategic direction on the overall maturity of the internal IAM program
  • Improve Data Quality in upstream and downstream systems (HRIS, IGA, IDP, Productivity Tools)
  • Lifecycle Management (Joiners, Movers and Leavers)
  • Governance such as Entitlement Reviews and proper inventory management of identities
  • Enhancing IAM Monitoring with a focus on Non-Human Identities (NHID)
  • Identity Governance & Administration (IGA) platform Enhancements
  • Assist with the Production Readiness process for IAM related queries and needs
  • Analysis and Understanding of access requirements, internal process & systems flows, client expectations, security policies to enforce least privileged access
  • Solution new processes and/or technologies to improve overall security posture
  • Assist with development and refinement of Information Security Policies & Standards
  • Fulltime
Read More
Arrow Right

Staff IAM Architect

We are currently seeking a Sr. IAM Architect to join our growing Information Sec...
Location
Location
United States
Salary
Salary:
137000.00 - 214000.00 USD / Year
addepar.com Logo
Addepar
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of general Information Security experience
  • At least 5 years focused on Identity & Access Management
  • Bachelor’s degree/equivalent or higher
  • Computer Science or Engineering related education preferred
  • In-Depth Experience with Identity & Access Management tools
  • Familiar with IT Governance and Compliance functions, including SOC2 and Data Governance
  • Familiar with Security Operations Center(SOC) and Vulnerability management functions
  • Skilled at developing process maps, and translating processes to technical / system requirements
  • Attention to details and analytical skills
  • Ability to build strong relationships and work collaboratively
Job Responsibility
Job Responsibility
  • Provide strategic direction on the overall maturity of the internal IAM program
  • Improve Data Quality in upstream and downstream systems (eg: HRIS, IGA, IDP, Productivity Tools)
  • Lifecycle Management (eg: Joiners, Movers and Leavers)
  • Governance such Entitlement Reviews and proper inventory management of identities
  • Enhancing IAM Monitoring with a focus on Non-Human Identities (NHID)
  • Identity Governance & Administration (IGA) platform Enhancements
  • Assist with the Production Readiness process to assist with IAM related queries, needs and assist stakeholders
  • Analysis and Understanding of access requirements, internal process & systems flows, client expectations, security policies, etc. to enforce a least privileged access model
  • Solution new processes and/or technologies to improve the overall security posture
  • Assisting with the development and refinement of Information Security Policies & Standards
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • reasonable accommodation for individuals with disabilities
  • flexible workforce model
  • Fulltime
Read More
Arrow Right

Technical Support Engineer Staff

Solves technical issues across a broad range of technologies (Servers, Storage, ...
Location
Location
United States , San Jose
Salary
Salary:
89400.00 - 206500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or master's degree in a related area of study with typically 7 - 10 years’ experience
  • Proficiency in designing, integrating, and troubleshooting cloud services hosted on hybrid cloud platforms such as HPE Greenlake, Azure Stack HCI
  • Experience with various public clouds, i.e. Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP)
  • Understanding of cloud architecture, microservices communication, and comprehensive working knowledge of cloud building blocks from computing, storage, networking, and databases
  • Strong knowledge of both Linux and Windows operating systems
  • Strong knowledge of Virtualization and Container platforms
  • Understanding of networking components such as DNS, TCP/IP, VPNs, firewalls, and network security products at the design and implementation levels
  • Experience with DevOps framework and toolsets from prominent cloud providers, as well as from the open-source world
  • Experience with automation tools and frameworks, such as Ansible, Chef, or Terraform
  • Designing level knowledge of relational databases (e.g., MySQL, PostgreSQL) and NoSQL databases (e.g., MongoDB, DynamoDB)
Job Responsibility
Job Responsibility
  • Provide consultative technical support for cloud services and infrastructure
  • Address complex customer inquiries, troubleshoot issues involving multiple cloud services, and resolve technical problems
  • Collaborate and elevate/report issues to relevant teams in a timely manner when necessary
  • Ensure cloud resources and services to ensure optimal performance and availability
  • Collaborate with cloud architects and developers to implement new cloud solutions, report new issues, and gain insights on any potential underlying issues
  • Communicate effectively with customers, partners, and internal stakeholders to drive the issue resolution
  • Document customer interactions, technical issues, and key learnings in support tickets or knowledge bases
  • Manage and monitor the health status of cloud platform services and advise customers and support teams on performing regular maintenance and updates on cloud solutions
  • Analyze security patch levels of various cloud services and ensure cloud environments are secure and compliant with industry standards
  • Identify and implement improvements to enhance system reliability and performance
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Technical Support Engineer Staff

Technical Support Engineer Staff role at Hewlett Packard Enterprise providing co...
Location
Location
United States , San Jose
Salary
Salary:
89400.00 - 206500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or master's degree in a related area of study
  • Typically 7-10 years' experience
  • Proficiency in designing, integrating, and troubleshooting cloud services hosted on hybrid cloud platforms such as HPE Greenlake, Azure Stack HCI
  • Experience with various public clouds (Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP))
  • Understanding of cloud architecture, microservices communication, and comprehensive working knowledge of cloud building blocks from computing, storage, networking, and databases
  • Strong knowledge of both Linux and Windows operating systems
  • Strong knowledge of Virtualization and Container platforms
  • Understanding of networking components such as DNS, TCP/IP, VPNs, firewalls, and network security products
  • Experience with DevOps framework and toolsets
  • Experience with automation tools and frameworks (Ansible, Chef, Terraform)
Job Responsibility
Job Responsibility
  • Provide consultative technical support for cloud services and infrastructure
  • Address complex customer inquiries, troubleshoot issues involving multiple cloud services, and resolve technical problems
  • Collaborate and elevate/report issues to relevant teams in a timely manner
  • Ensure cloud resources and services to ensure optimal performance and availability
  • Collaborate with cloud architects and developers to implement new cloud solutions
  • Communicate effectively with customers, partners, and internal stakeholders to drive issue resolution
  • Document customer interactions, technical issues, and key learnings
  • Manage and monitor the health status of cloud platform services
  • Advise customers and support teams on performing regular maintenance and updates
  • Analyze security patch levels of various cloud services
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Staff Devops Engineer

Balbix is looking for a Staff DevOps Engineer to join our growing team. This rol...
Location
Location
India , Delhi
Salary
Salary:
Not provided
balbix.com Logo
Balbix
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in DevOps/Platform Engineering
  • 4+ years working on setting up infrastructure in AWS for Saas based product development organization
  • Solid understanding of the AWS infrastructure and working with services such as load balancers (NLB/ALB/ELB), IAM, KMS, Networking, EC2, CloudWatch, CloudTrail, Lambda, etc.
  • 4+ years experience with building infrastructure using Terraform
  • 3+ years of solid experience in Kubernetes, Helm
  • Excellent knowledge of working on configuration management systems such as Ansible.
  • Knowledge of CI/CD code management and deployment technologies such as GitLab, Docker
  • Excellent time management skills while staying focused and calm under pressure in meeting competing deadlines, ability to quickly change priorities when needed
  • Ability to communicate clearly and effectively, both written and verbal
  • Be available for on-call duties
Job Responsibility
Job Responsibility
  • Work with the existing DevOps team to design and develop IaC components for the Balbix solution and internal engineering tools running in AWS.
  • Building and deploying state-of-the-art security SaaS platform using the latest CI/CD techniques which are fully automated, repeatable and secure.
  • Administration of Linux systems at scale using automation.
  • Secure infrastructure using security best practices (TLS, bastion hosts, certificate management, authentication and authorization, network segmentation, etc.)
  • Work with the existing DevOps team to design, develop and manage deployments on several Kubernetes clusters.
  • Manage, maintain, and monitor our infrastructure.
  • Work with the existing DevOps team to design and implement a consistent logging, monitoring, and diagnostic system for the Balbix solutions.
  • Fulltime
Read More
Arrow Right

Staff Software Engineer I - Internal Access Management

We are seeking a Staff Software Engineer to lead the technical vision, architect...
Location
Location
Salary
Salary:
225100.00 - 264500.00 CAD / Year
confluent.io Logo
Confluent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of engineering experience
  • 4+ years in security, IAM, or distributed systems
  • Deep expertise in Kubernetes, workload identity, cloud IAM (AWS, GCP, Azure), and zero-trust architectures
  • Strong understanding of authentication technologies: IAM, OAuth2, OIDC, policy engines, and modern zero-trust principles
  • Proven track record leading multi-team technical initiatives at a Staff or Senior Staff level
  • Strong knowledge of distributed systems, cloud infrastructure, container orchestration, and service mesh
  • Excellent communication and stakeholder-influence skills across engineering and security domains
Job Responsibility
Job Responsibility
  • Define and drive the long-term architecture and roadmap for Internal Access Management across Kubernetes and multi-cloud environments
  • Architect and implement least privilege, just-in-time access, and zero-trust models across Confluent services
  • Build and evolve scalable access-authorization workflows and lifecycle management systems using technologies such as SPIFFE/SPIRE, OPA, cloud IAM policies, workload identity, and internal enforcement engines
  • Strengthen security boundaries through threat modeling, defense-in-depth practices, and comprehensive access-auditing capabilities
  • Partner with cross-functional teams—including Platform, Kafka, Observability, Developer Productivity, Release Engineering, and SRE—to drive adoption of secure identity and access patterns
  • Mentor senior engineers, elevate engineering standards, and influence architectural decisions across the organization
  • Communicate complex technical decisions clearly and align stakeholders across engineering and security
What we offer
What we offer
  • Remote-First Work
  • Robust Insurance Benefits
  • Flexible Time Away
  • The Best Teammates
  • Experience Ambassadors
  • Open and Honest Culture
  • Well-Being and Growth
  • Offers Equity
  • Fulltime
Read More
Arrow Right

Sr. Staff Security Engineer

Our mission is to protect, defend, and secure Uber’s products, infrastructure an...
Location
Location
United States , Sunnyvale; Seattle; New York
Salary
Salary:
267000.00 - 297000.00 USD / Year
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree or equivalent in Computer Science, Engineering, Information Security or related field
  • 10+ years full-time work experience in security engineering, with a strong focus on security defense and incident response
  • Deep technical expertise in multiple security domains, such as network security, endpoint security, cloud security (GCP, OCI, Azure, AWS), and identity and access management
  • Strong scripting and automation skills (e.g., Python, PowerShell, Bash, Golang) are highly desirable
  • Proven experience designing, implementing, and managing complex security solutions at an enterprise level
  • Excellent analytical and problem-solving skills, with the ability to diagnose and resolve complex security issues
  • A proactive and results-oriented mindset with a passion for staying ahead of the evolving threat landscape
  • Experience leading technical security projects and mentoring other engineers
  • Excellent communication, collaboration, and interpersonal skills, with the ability to effectively communicate technical information to diverse audiences
Job Responsibility
Job Responsibility
  • Lead the technical direction and architecture of our cyber security defense capabilities, including areas such as enterprise security posture management, threat detection and response, and vulnerability management
  • Design and implement robust and scalable security solutions leveraging a diverse range of technologies (e.g., SIEM, EDR, SOAR, cloud security platforms, IAM)
  • Lead incident response efforts, including investigation, containment, and recovery activities. Perform post-incident analysis and recommend improvements to prevent future occurrences
  • Proactively research and evaluate emerging security threats, technologies, and trends, and provide recommendations for their adoption to enhance our security posture
  • Collaborate effectively with cross-functional teams, including Engineering, IT, Legal, and Compliance, to integrate security considerations into the development lifecycle and business processes
  • Mentor and provide technical guidance to junior security engineers, fostering a culture of continuous learning and growth within the team
  • Contribute to the development and automation of security tools and processes to improve efficiency and effectiveness
  • Communicate complex security concepts and risks effectively to both technical and non-technical audiences
  • Participate in security audits and compliance initiatives, providing technical expertise and ensuring adherence to security standards
What we offer
What we offer
  • eligibility to participate in Uber's bonus program
  • may be offered an equity award & other types of comp
  • eligible for various benefits
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy