Cardiff, Wales, United Kingdom - Remote
As a member of the Starling cyber security team, you will be working with some of the industry’s brightest cyber security professionals to protect Starling customers and company information assets and systems using the latest technologies and techniques.If you have experience with mobile security, web application security, and cloud security we would love to hear from you!
The primary objective for this role is to support Starling’s engineering and operation functions to ensure that our services are built and operated securely.
- Scoping and performing of mobile, application, cloud and infrastructure penetration testing against Starling systems and products
- Helping our engineers to bake in security from the ground up in their design decisions
- Scoping and execution of Red Teaming activities
- Review of third-party technical security controls for companies working with Starling systems
- Review, analysis and reporting of external threats relevant to Starling systems
- Review and analysis of technical solutions to identify appropriate security controls
We’re open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications.
Ideally, we would like:
- 5+ years technical information security experience.
- Experience of mobile, web application, cloud and infrastructure penetration testing.
- Strong technical knowledge in:
- Mobile security (iOS and Android)
- Web application security
- Networking and associated protocols
- Cloud security (AWS and GCP)
- Containers and Kubernetes
- A desire to learn, and ability to apply technical security knowledge to new and unfamiliar areas.
- CREST, OSCP or similar industry penetration testing qualification
- A good understanding of applied cryptographic techniques.
- Reverse engineering and exploit development capabilities.
- Experience of security testing in an agile SDLC.
- Threat modelling experience.
- Experience performing code reviews, particularly in Java and Go.
- Experience of fulfilling a client facing security consulting role.
- Excellent verbal and written communication skills.
- Experience in automation of security testing, with previous development experience desirable.
- 25 days holiday (plus public holidays)
- An extra day’s holiday for your birthday, taken a week on either side of the day
- 16 hours paid volunteering time a year
- Part-time and/or flexible hours available for most roles
- Hybrid/remote working
- Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
- Generous family-friendly policies
- Enhanced sick pay
- Contributory pension scheme
- Varied social groups set up and run by our employees
- Perkbox membership giving access to retail discounts, a cashback scheme, a wellness platform for physical and mental health, a birthday box and weekly free coffee
- Access to ‘salary sacrifice’ benefits such as Cycle to Work scheme
Full details are available on our careers site
Starling is a leading digital bank on a mission to disrupt the banking industry.
Since our launch in 2014, we've surpassed 2 million accounts, including over 350,000 business accounts. Our total deposits, meanwhile, have topped £5 billion and we have lent over £2bn over the same period. We're a fully licensed UK bank, and we have the culture and spirit of a fast-moving, disruptive technology company. We've won the Best British Bank award four years running, and now employ over 1500 people across our London, Southampton, Cardiff & Dublin offices.
Starling Bank is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.
By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open SOC Analyst jobs
- Open Information Security Officer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Consultant jobs
- Open Staff Application Security Engineer jobs
- Open Offensive Security Engineer jobs
- Open Security Researcher jobs
- Open Information Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Cloud Security Operations Lead jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Vulnerability management-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open Kubernetes-related jobs
- Open Firewalls-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Clearance-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Governance-related jobs
- Open OWASP-related jobs
- Open Forensics-related jobs
- Open CISM-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CISA-related jobs
- Open DevSecOps-related jobs
- Open SOC 2-related jobs
- Open Encryption-related jobs