Head of Security Operations & Response

Head of Security Operations & Response

 

At Deliveroo, it is our mission to build the definitive food company. In order to do that, we’re building a company where everyone can belong, grow and do the best work of their lives. 

 

As Head of Security Operations & Response you will define, implement and lead threat detection, incident response and forensic strategy; ensuring security incidents and privacy issues are quickly identified, contained and fully investigated. You’ll be part of a rapidly growing Security team who are laser-focused on maturing security practices throughout the organisation against a backdrop of an advancing cyber threat landscape. Automation is at the heart of everything we do and while we have many practices in place, you’ll need to develop people, design processes, and implement technology platforms to best support our maturity journey.

 

Reporting to the CISO, this role is a unique opportunity to directly influence the overall Security strategy. You can harness our existing investments and bring new ways of working to help us protect our employees, customers, riders and restaurants. As we continue to grow our business, your specialist capabilities will play a key part in our story.

What you’ll be doing

 

• Design, implement and own an operational strategy encompassing the full security incident lifecycle 
• Design, document and mature operational processes with a focus on automation and maturity against the NIST framework
• Design, implement and mature a 24/7 in-house Security Operations Centre
• Manage and continuously develop a team of threat detection, incident response, threat intelligence and forensic specialists
• As a subject matter expert, coordinate and direct the response to high severity security incidents, providing hands-on technical support and Executive-level briefings
• Drive post-incident review activity with a focus on root cause analysis and continuous improvement
• Manage and cultivate relationships with key technology partners to enhance security monitoring and response activity across SIEM, EDR, SOAR, WAF and AWS infrastructure
• Support and lead on wider security initiatives which ensure compliance with Security Policy, providing technical leadership and direction
• Produce regular management reports showcasing threat detection activity, incident trends and overall security maturity progress
• Develop and cultivate a network of internal stakeholders including Engineering, Privacy, Legal and Compliance to keep pace with business-wide strategic activity
• Provide support for major incident escalations, which may involve occasional out-of-hours activity

Requirements

• Demonstrable experience in building, managing and maturing security operations and incident response strategy in a cloud-centric, fast-moving organisation
• Exceptional communication skills, capable of influencing senior management and driving business decisions
• Practical experience implementing and developing a mature threat detection and incident response processes
• Significant expertise and demonstrable experience in cloud security, network security, malware analysis, intrusion detection/prevention, forensic investigation and threat intelligence
• Demonstrable experience of providing leadership, motivation, challenge and oversight of a large, high performing team
• Ability to build trusted relationships with stakeholders at all levels, and effective collaborations with other teams
• Ability to plan, prioritise and manage resources within a collaborative team-based environment
• Exhibit excellent analytical skills with the ability to manage multiple projects and handle multiple competing priorities
• Demonstrate a high level of personal integrity to handle confidential HR/Legal investigations

 

Preferred, but not required

 

• SANS, ISC2, CompTIA or other equivalent industry certification
• In-depth knowledge of the latest security vulnerabilities, exploits and malware attack vectors
• Demonstrable coding skills with familiarity in multiple languages

Why Deliveroo?

 

Our mission is to be the definitive food company. We are transforming the way the world eats by making food more convenient and accessible. We give people the opportunity to eat what they want, when and where they want it.

 

We are a technology-driven company at the forefront of the most rapidly expanding industry in the world. We are still a small team, making a very large impact, seeking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and we are always looking for new ideas.

Workplace & Diversity

 

At Deliveroo we know that people are the heart of the business and we prioritise their welfare. We offer a wide range of competitive benefits in areas including health, family, finance, community, convenience, growth and relocation.

 

We believe a great workplace is one that represents the world we live in and how beautifully diverse it can be. That means we have no judgement when it comes to any one of the things that make you who you are - your gender, race, sexuality, religion or a secret aversion to coriander. All you need is a passion for (most) food and a desire to be part of one of the fastest growing startups in an incredibly exciting space.