Security Engineer - Engine by Starling

Social network you want to login/join with:

col-narrow-left

Starling Bank

London, United Kingdom

-

Yes

col-narrow-right

a131de2ae30c

4

05.05.2025

19.06.2025

col-wide

At Engine by Starling, we are on a mission to find and work with leading banks worldwide to build rapid growth businesses using our technology.

Engine is Starling's SaaS business, built to power Starling Bank, which became a separate entity a year ago.

Starling Bank's success is largely due to its modern, ground-up technology platform. Our SaaS platform now enables banks globally to leverage innovative digital features and efficient back-office processes.

Our technologists thrive in a fast-paced, innovative environment focused on building and creating disruptive fintech solutions. We promote a flat organizational structure that empowers decision-making, fosters collaboration, and encourages knowledge sharing. Support is always available within our open culture.

Success at Engine requires being self-driven and taking ownership—from development and design to knowledge sharing and process improvement. Our core values are: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working

We prefer employees to be within commuting distance of our offices to facilitate in-person collaboration.

About the role:

We seek an experienced Security Engineer to join our Security Engineering team. You will collaborate with the GRC & compliance team and various engineering teams to embed security into all our processes. Your focus will span our multi-tenant SaaS cloud environments and internal infrastructure, strengthening both against threats.

Engine engineers are passionate about delivering new features across diverse tech stacks. Learn more from our case studies and initiatives with Women In Tech.

• Day in the Life of a Software Engineer
• Running a Backend Team

What you’ll do:

• Define Google Cloud security architecture with stakeholders (identity, runtime security, posture)
• Develop security tools tailored to our landscape
• Secure systems, applications, and data through robust access, authentication, and authorization mechanisms
• Automate compliance and security controls
• Drive security deployment across environments
• Conduct security assessments, audits, threat modeling, and architecture reviews to identify and mitigate risks
• Lead incident response efforts, including investigation and remediation
• Support security awareness and promote DevSecOps practices

Requirements:

Essential skills:

• Deep knowledge of security principles, technologies, and threat mitigation
• Understanding of attack vectors and methodologies (OWASP, Mitre ATT&CK, social engineering)
• Ability to identify threats and vulnerabilities
• Experience documenting security requirements
• Proven cloud security architecture experience (AWS, Google Cloud)
• Strong problem-solving and communication skills with a passion for security
• Ability to address security gaps with solutions
• Proactive in staying updated on security threats and techniques
• Programming skills in Python, Go, and automation tools
• Experience automating security controls and compliance checks (SOC 2, ISO 27001, PCI DSS)
• Understanding incident response processes

Desirable skills:

• Experience with security frameworks (NIST, SOC2, ISO27001, PCI-DSS)
• Knowledge of Infrastructure as Code (CloudFormation, Terraform)
• Expertise in Kubernetes, network security, RBAC (CKA, CKS)
• Container security and image provenance
• Network protocols, firewalls, IDS/IPS, WAFs
• Security integration in SDLC
• Secure code review experience
• Cryptography expertise
• Experience with cloud-native security monitoring and logging
• Relevant certifications (CISSP, CCSP, CISM, AWS Security, GCP Security)

Our interview process is conversational, allowing you to learn about us and showcase your skills. It typically includes:

• Initial interview with the deputy CTO (~45 min)
• Technical interview with Security Engineers (~1.5 hrs)
• Final interview with CTO/BISO (~45 min)

Benefits include generous holidays, additional days for birthdays, paid volunteering, pension schemes, insurance, private healthcare, family policies, referral bonuses, discounts, and wellness initiatives.

About Us

We encourage applications even if you don't meet every criterion. We're committed to diversity and inclusion. By applying, you consent to our data processing in accordance with our Privacy Notice.