About The Role
As an experienced Penetration Tester you will be working with talented cyber security professionals to protect Starling customers, company assets and systems using the latest technologies and techniques. The primary objective for this role is to collaborate with, support, and guide Starling's engineering and operation functions to ensure our services are designed, developed and operated securely. You will directly interact with multiple areas of the business to understand requirements, define the scope and approach to testing, and produce reporting information aligned to our risk framework.
Responsibilities
* Scoping and performing mobile, web application, cloud, and infrastructure penetration tests
* Automation of security testing and development of internal tooling to achieve continuous assurance
* Collaboration with engineering teams to facilitate secure development, including:
  * Review and analysis of proposed technical solutions to identify appropriate security controls
  * Input and guidance to security related technical architecture and design decisions
  * Code review of features and critical security components
  * Practical security testing
  * Advising on remediation of security issues and processes to address root causes
* Security assurance reviews of third‑party solutions
* Identifying and implementing improvements to the team's internal processes and procedures
* Review, analysis and reporting of external threats relevant to Starling systems and solutions, in the context of Starling's desired security posture
Requirements
We’re open‑minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Ideally, we would like:
* 5+ years technical information security experience
* Experience of mobile, web application, cloud and infrastructure penetration testing
* Strong technical knowledge in:
  * Mobile security (iOS and Android)
  * Web application security
  * Networking and associated protocols
  * Cloud security (AWS and GCP)
  * Containers and Kubernetes
* A desire to learn, and ability to apply technical security knowledge to new and unfamiliar areas
* CREST, OSCP or similar industry penetration testing qualification
* A good understanding of applied cryptographic techniques
* Reverse engineering and exploit development capabilities
* Experience of security testing in an agile SDLC
* Threat modelling experience
* Experience performing code reviews, particularly in Java and Go
* Experience of fulfilling a client facing security consulting role
* Excellent verbal and written communication skills
* Experience in automation of security testing, with previous development experience desirable
Benefits
* Hybrid working – minimum of 1 day per week at one of our offices
* 25 days holiday (plus public holidays, plus birthday day)
* Increasing annual leave with length of service, with option to buy/sell up to five extra days
* 16 hours paid volunteering per year
* Salary sacrifice, company enhanced pension scheme
* Life insurance 4× salary and group income protection
* Private Medical Insurance with VitalityHealth, including mental health and cancer care; partner discounts with Waitrose, Mr&Mrs Smith, Peloton
* Generous family‑friendly policies
* Perkbox membership (retail discounts, wellness platform, weekly perks)
* Access to Cycle to Work, Salary Sacrificed Gym partnerships, Electric Vehicle leasing
About Us
We are on a mission to radically reshape banking. Our culture is collaborative, flat and data‑driven, and we value diversity and inclusion. If you’re excited to build the future of banking, we want to hear from you.
Equal Opportunity Statement
Starling is an equal opportunity employer. Individuals seeking employment are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, veteran status, or any other characteristic protected by law. By applying you consent to data processing pursuant to our Privacy Notice.