Security Incident Response Lead

At Deliveroo, it is our mission to build the definitive food company. In order to do that, we’re building a company where everyone can belong, grow and do the best work of their lives. 

As a Security Incident Response Lead you will have the opportunity to define, implement and lead an incident response strategy; ensuring security incidents and privacy issues are quickly identified, contained and fully investigated. You’ll be part of a growing Security Operations team who are focused on detecting attacks against a backdrop of an ever-advancing cyber threat landscape with automation at the heart of everything we do. While we have some practices in place, you’ll need to design processes, playbooks and technology requirements from scratch to best support our Security maturity journey.

The role is a unique opportunity to directly influence the overall Security Operations strategy where you can harness our existing process and technology investments and bring new ways of working to help us protect our employees, customers, riders and restaurants. As we continue to grow our business, your specialist capabilities will play a key part in our story.

What you’ll be doing

• Design, implement and own an incident response strategy encompassing the full security incident lifecycle 
• Lead the response to security incidents by coordinating technical responders and communicate live updates to key business stakeholders
• Design and document incident response playbooks and ensure key processes are followed, capturing details to a high auditable standard
• Implement and develop an incident response platform to centrally manage incidents, embracing orchestration and automation technology
• Develop and mentor incident responders, focussed on threat hunting, triage, containment and eradication
• Drive post-incident review activity with a focus on root cause analysis and continuous improvement
• Lead cyber threat exercising initiatives to demonstrate maturity across NIST and to identify areas for further development
• Provide support for major incident escalations, which may involve occasional out-of-hours activity. Design an on-call capability to support security incidents 24/7
• Produce regular management reports pertaining to incident trends and the current cyber threat landscape

Requirements

• Proven security incident management experience in a cloud-centric, fast-moving organisation
• Exceptional communication skills, capable of influencing senior management and driving business decisions
• Practical experience implementing and developing a mature Incident Response platform
• Demonstrable experience defining incident response playbooks to a high auditable standard
• Experience identifying and managing data privacy issues, working in conjunction with Legal and Data Privacy teams
• Experienced people leader, focussed on developing the technical capabilities of others

Preferred, but not required

• SANS, ISC2, CompTIA or other equivalent industry certification
• In-depth knowledge of the latest security vulnerabilities, exploits and malware attack vectors
• Demonstrable coding skills with familiarity in multiple languages

Why Deliveroo?

Our mission is to be the definitive food company. We are transforming the way the world eats by making food more convenient and accessible. We give people the opportunity to eat what they want, when and where they want it.

We are a technology-driven company at the forefront of the most rapidly expanding industry in the world. We are still a small team, making a very large impact, seeking to answer some of the most interesting questions out there. We move fast, value autonomy and ownership, and we are always looking for new ideas.

Workplace & Diversity

At Deliveroo we know that people are the heart of the business and we prioritise their welfare. We offer a wide range of competitive benefits in areas including health, family, finance, community, convenience, growth and relocation.

We believe a great workplace is one that represents the world we live in and how beautifully diverse it can be. That means we have no judgement when it comes to any one of the things that make you who you are - your gender, race, sexuality, religion or a secret aversion to coriander. All you need is a passion for (most) food and a desire to be part of one of the fastest growing startups in an incredibly exciting space.