At Starling, we are on a mission to provide people with a fairer, smarter, and more human alternative to traditional banks. We are building a leading digital bank, driven by fast technology, fair service, and honest values. Our vision is to create a banking industry that serves everyone, which we accomplish by developing best-in-class proprietary technology, offering an exceptional customer experience, and establishing a strong, sustainable business.
Our five core values – Listen, Keep It Simple, Do The Right Thing, Own It, and Aim for Greatness – are at the heart of everything we do, guiding our strategy and shaping our culture. We're a branchless, largely paperless bank, committed to responsible banking, sustainability, and fostering an inclusive environment where everyone can thrive.
Hybrid working: All Starling colleagues spend a minimum of 10 days per month in the office with flexibility to work the rest from home.
This advert will close on Friday, 6th February at 5pm.
The Opportunity
This role sits within the 1LoD Risk and Control Team, acting as a bridge between Engineering, Product, and Operations. You will drive the Incident Management function by;
- Orchestrating the response to complex incidents across a cloud-native banking platform, with a specific focus on Payments infrastructure (e.g., Faster Payments, Card Processing) to ensure minimal disruption to customer money movement, with a particular focus on Major Incident Management.
- Leading coordination within an Agile/DevOps environment, balancing rapid resolution with the high-rigor risk controls required of a regulated bank.
- Serving as a 1LoD Risk Partner, providing the 'translation layer' between technical microservice failures and their impact on Conduct Risk, Consumer Duty, and operational stability.
- Leading the Post-Incident Review (PIR) process to identify systemic control gaps, ensuring all resulting remediation actions are clearly defined, assigned, and tracked through to completion to meet risk and regulatory standards.
Key Accountabilities Include:
- Enabling the Incident Command (IC) structure by providing the framework and real-time guidance that allows business and technical owners to lead their own incidents from identification through to resolution.
- Governing the "Golden Source" of incident data, providing robust 1LoD challenge to technical and financial impact assessments to ensure the audit trail is accurate and regulatory-compliant.
- Providing expert "Flight Control" during major incidents, specifically for Payments and Tech disruptions, ensuring the business owners are considering regulatory obligations and customer impact (Consumer Duty) during recovery.
- Synthesising incident data into high-impact Executive MI; providing a consolidated view of the Bank’s risk profile by mapping technical failures to their impact on Payment Scheme compliance, Consumer Duty, and operational resilience targets.
- Partnering with Risk and Control owners to provide support and challenge on key decisions, ensuring accountability and the clear articulation of their risk profiles.
- Orchestrating the post-incident governance loop, ensuring that while the business owns the incident, the resulting remediation actions are recorded, evidenced, and tracked to closure.
Requirements
Regulatory Experience:
- An inquisitive, analytical professional with a foundational understanding of cloud-native banking including microservices, APIs, and AWS/GCP, complemented by experience in physical, cyber, and operational incident management, as well as supporting Business Continuity Planning and resilience frameworks.
- The ability to act as a "translation layer" in high-stress situations, taking complex microservice or payment failures and distilling them into clear, concise impact statements for Executive stakeholders.
- Ability to build strong relationships across Engineering and Operations. You act as a "critical friend," providing real-time guidance during incidents to ensure business owners consider regulatory obligations and customer impact (Consumer Duty) without slowing down restoration.
- A proactive approach to risk oversight; you are comfortable challenging the status quo and initial technical assumptions to ensure that incident data is accurate, auditable, and stands up to regulatory scrutiny.
- A 'can-do' attitude with the ability to take ownership of the governance loop, seeing things through from the initial "Flight Control" of a live incident to the final evidence collection for remediation actions.
Skills:
- Working knowledge of the UK and International Payments landscape (e.g., Faster Payments, BACS, SEPA), including a conceptual understanding of the transaction lifecycle and scheme-specific requirements.
- Experience managing high-severity incidents that necessitate external notification (e.g., FCA/PRA), including drafting regulatory reports and managing follow-up inquiries.
- Hands-on experience with incident platforms (e.g., incident.io, PagerDuty, or Opsgenie) and a baseline understanding of how to use monitoring suites (e.g., Datadog, Grafana) to independently verify recovery progress.
- Proficiency in data tools (e.g., Google Sheets/Excel, Looker) to perform trend analysis and synthesise incident activity into high-impact Executive MI.
- Proven experience using GRC (Governance, Risk, and Compliance) or Audit tracking tools to ensure post-incident actions are recorded, evidenced, and tracked to closure with 1LoD rigor.
Benefits
Why Join Starling?
Make an Impact: Work on projects that directly shape the future of banking and improve the financial lives of our customers. Starling is technology-led, and you'll have the freedom to accomplish your goals in innovative ways.
Culture of Excellence: Be part of a collaborative, empowered, and forward-thinking team. We encourage experimentation, ownership, and a relentless focus on "doing the right thing.”
Growth and Development: We are committed to your professional growth, offering opportunities to learn new technologies, take on new challenges, and own interesting things from day one.
A Bank That Cares: We're a Living Wage employer, committed to flexible working, and dedicated to creating a fair, open, and safe working environment with compassion and inclusion at its core.
Comprehensive Benefits: We offer a competitive salary and a comprehensive benefits package, including:
- Company-enhanced salary sacrifice pension scheme (7% employer contribution)
- Private Medical Insurance with Vitality including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton.
- 25 days holiday (plus take your public holiday allowance whenever works best for you)
- An extra day’s holiday for your birthday
- Life Insurance at 4x your salary.
- 16 hours of paid volunteering time a year.
- Ability to buy or sell annual leave.
- Generous family-friendly policies.
- Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
- Incentivised refer a friend scheme
- Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
- Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasingOur Commitment to Equality
Starling Bank is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Starling Bank will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.