SOC Analyst

Social network you want to login/join with:

Starling is the UK’s first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend, and manage their money in a transformative way.

We’re a fully licensed UK bank with a culture of a fast-moving, disruptive tech company. We’re a bank, but better: fairer, easier to use, and designed to demystify money for everyone. We employ over 3,000 people across London, Southampton, Cardiff, and Manchester.

Our technologists are at the heart of Starling and enjoy working in a fast-paced environment focused on building innovative solutions and disruptive fintech technology. We operate a flat structure to empower decision-making, with innovation and collaboration at the core. Support is always available within our open culture, fostering teamwork and shared success.

The key to thriving at Starling is to be self-driven, take ownership of your work—from building and designing to sharing knowledge—and ensure processes are efficient to deliver excellent customer results. Our purpose is supported by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

To support our growth, we are seeking SOC Analysts for our expanding cybersecurity team. This role involves supporting our 24/7 operational capabilities (on-call rota, not shift-based).

As part of the Starling SOC team, you will collaborate with top SecOps professionals to protect our customers, assets, and systems using cutting-edge technologies.

• Incident triage, response, and investigations based on alerts from multiple sources, including:
• Endpoint Detection and Response
• Responding to security alerts raised by users
• Enhancing analytic triggers to improve alert effectiveness
• Developing incident handling and readiness processes
• Proactive threat hunting based on intelligence
• Documenting incidents and investigations

We value aptitude and attitude over specific experience or qualifications. Here's an overview:

• 3+ years in an in-house SOC role and team
• Knowledge of AWS Security Solutions or other cloud platforms
• Experience with analysis and incident response in cloud environments like AWS or GCP
• Experience supporting analytics/SIEM platforms
• Background in CSIRT/SOC functions
• Experience in incident response engagements
• Endpoint and cloud-based investigation skills
• Experience with incident command and tabletop exercises
• Interest in automation, threat intelligence, and analytic tuning
• Understanding of mobile, network, and OS security controls
• Programming experience in Python, Go, or Java
• A relevant cybersecurity degree or certifications are a plus but not required

Our interviews are conversational to bring out your best. Expect:

• First interview: 45 minutes
• Technical interview: 90 minutes
• Final interview: 45 minutes

Starling offers a hybrid work pattern, combining remote work and in-office days. Ideally, candidates should be within commuting distance to London, Southampton, or Cardiff to facilitate in-person collaboration three days a week.

• 25 days holiday plus public holidays
• Extra day off for your birthday
• Holiday increases with service; options to buy or sell days
• 16 hours paid volunteering annually
• Salary sacrifice, pension scheme, life insurance, income protection
• Private medical insurance, mental health support, and partner discounts
• Family-friendly policies
• Perkbox membership for discounts and wellness
• Initiatives like Cycle to Work, gym partnerships, EV leasing

Don't be discouraged if you don't meet every criterion. We're open to discussing flexible working and diverse backgrounds. Our mission is to reshape banking, starting with our team. We value collaboration and problem-solving across all backgrounds and experiences.