Job Specifications
Description
Starling is the UK's first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way.
We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices.
Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together!
The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.
Hybrid Working
We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person.
Our Engineering Environment
Starling engineers are excited about helping us deliver new features, regardless of what their primary tech stack may be. Hear from the team in our latest blogs or our case studies with Women in Tech .
We are looking for engineers at all levels to join the team. We value people being engaged and caring about customers, caring about the code they write and the contribution they make to Starling. People with a broad ability to apply themselves to a multitude of problems and challenges, who can work across teams do great things here at Starling, to continue changing banking for good.
As a Cloud Security Engineer at Starling, you'll be building and supporting tooling and infrastructure that spans across AWS and GCP supporting our internal operations and interfacing with other teams to deliver the services that support our business.
Requirements
We are seeking an experienced Cloud Security Engineer who believes that great security is built, not just configured. At Starling, security is a fundamental engineering pillar, and we're looking for a practitioner who thinks like a developer.
While we are looking for deep cloud expertise, we are also highly interested in candidates with strong programming skills and a background in software engineering who want to apply those talents to security. This is a hands-on role for a builder who excels at writing clean, scalable code to automate away manual gates. You will work across AWS and GCP, developing the internal tools, guardrails, and services that empower our engineering teams to ship securely without sacrificing speed.
Key Responsibilities
Engineer Secure Foundations: You will lead the design and implementation of critical security services, with a heavy focus on building robust Identity and Access Management (IAM) systems and automated, API-driven certificate management workflows.
Security-as-Code & Scalability: Leveraging a software-first philosophy, you will develop and maintain high-quality, scalable security tooling and middleware within ECS and Kubernetes environments, ensuring security logic is integrated directly into the deployment pipeline.
Collaborative Code Ownership: You will serve as a technical authority in cross-functional code reviews, acting as an engineering peer who helps teams bake security into their services from the first line of code to the final pull request.
Proactive System Hardening: You will stay ahead of the evolving threat landscape by treating security as a continuous engineering challenge-proactively identifying vulnerabilities and architecting technical solutions to fortify our global ecosystem.
Professional Requirements
Demonstrated ability to architect secure, distributed systems with a focus on programmatic IAM and automated, API-driven PKI management.
Extensive experience with Infrastructure as Code (IaC) in Terraform and a deep commitment to writing clean, maintainable, and production-grade code-ideally in Golang.
A test-first mentality toward security, with experience building unit and integration tests into CI/CD pipelines to ensure that security guardrails are as reliable as the features they protect.
A strong conceptual grasp of cryptographic
About the Company
Welcome to Women in Tech - a collaborative community in the UK dedicated to empowering women in STEM to make career choices through news, guidance, inspirational case studies, job opportunities and events.
Know more