Senior DevSecOps Engineer

Requirements

• 5+ years of experience working as a DevSecOps engineer.
• Bachelor's degree in computer science or equivalent practical experience.
• Security certifications ( CISSP, CEH, SANS, CREST, OCSP )
• Extensive experience in delivering secure applications in a cloud environment
• Writes code (e.g, Python, Go, NodeJS, Rust, Swift / Kotlin ), builds tools and integrations.
• Experience with Terraform.
• Hand on experience with multiple Security tools such as Checkmarx, Snyk, Cloudflare, AWS GuardDuty, AWS Inspector, Crowdstrike, Prisma Cloud, Wiz, etc.
• Extensive experience with version control and CI/CD pipeline ( gitlab, GitHub, CircleCI, bitrise ).
• Worked on s-SDLC in a large enterprise organization(s).
• Broad knowledge of the security technologies and capabilities used in an enterprise, particularly in a high growth, cloud-based environment.
• Extensive experience in cloud native technologies such as Kubernetes, Docker, Registries, containers, serverless, etc.

Preferred, but not required:

• A mix of consulting and industry experience.
• Fluent with Terraform
• Experience with Bug bounty programmes.

What you'll be doing

• Act as one of the central points of contact with the business with regards to the secure software development lifecycle of applications and products.
• Work with key stakeholders to ensure that security is built into the design of applications and products across the business.
• Drive the adoption of DevSecOps throughout the company.
• Integrate and maintain key security controls and technologies for the Security team in order to support DevSecOps.
• Deliver security automation at scale throughout the company to ensure high speed, automated security testing throughout the delivery pipeline.
• Analyse applications and products to identify key security risks, and recommend and drive security improvements using a risk-based approach.
• Work closely with engineering teams to design and implement security controls.
• Perform vulnerability assessments and security testing.
• Actively work with engineers to remediate vulnerabilities.
• Support the Security Risk Management function on security policies and standards, security audits, vulnerability compliance, and risk management.
• Help drive the security champions program, running regular security training workshops and hackathons.
• You will be on an on-call rota, supporting our services, contributing diagnosis and resolution of security incidents.

Perks and Benefits

• At Deliveroo, you will be part of a technology-driven company at the forefront of the rapidly expanding food industry.
• We offer a wide range of competitive benefits in areas including health, family, finance, community, convenience, growth, time away, and relocation.
• We value diversity and believe in creating a workplace that represents the beautifully diverse world we live in.
• Fast-paced environment with autonomy, ownership, and opportunities for new ideas.