Cloud Security Engineer

Starling is the UK’s first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way.

We’re a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We’re a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices.

Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together!

The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working

We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person.

Our Engineering Environment

Starling engineers are excited about helping us deliver new features, regardless of what their primary tech stack may be. Hear from the team in our latest blogs or our case studies with Women in Tech.

We are looking for engineers at all levels to join the team. We value people being engaged and caring about customers, caring about the code they write and the contribution they make to Starling. People with a broad ability to apply themselves to a multitude of problems and challenges, who can work across teams do great things here at Starling, to continue changing banking for good.

As a Cloud Security Engineer at Starling, you’ll be building and supporting tooling and  infrastructure that spans across AWS and GCP supporting our internal operations and interfacing with other teams to deliver the services that support our business.

Requirements

We are seeking an experienced Cloud Security Engineer who believes that great security is built, not just configured. At Starling, security is a fundamental engineering pillar, and we’re looking for a practitioner who thinks like a developer.

While we are looking for deep cloud expertise, we are also highly interested in candidates with strong programming skills and a background in software engineering who want to apply those talents to security. This is a hands-on role for a builder who excels at writing clean, scalable code to automate away manual gates. You will work across AWS and GCP, developing the internal tools, guardrails, and services that empower our engineering teams to ship securely without sacrificing speed.

Key Responsibilities

• Engineer Secure Foundations: You will lead the design and implementation of critical security services, with a heavy focus on building robust Identity and Access Management (IAM) systems and automated, API-driven certificate management workflows.
• Security-as-Code & Scalability: Leveraging a software-first philosophy, you will develop and maintain high-quality, scalable security tooling and middleware within ECS and Kubernetes environments, ensuring security logic is integrated directly into the deployment pipeline.
• Collaborative Code Ownership: You will serve as a technical authority in cross-functional code reviews, acting as an engineering peer who helps teams bake security into their services from the first line of code to the final pull request.
• Proactive System Hardening: You will stay ahead of the evolving threat landscape by treating security as a continuous engineering challenge—proactively identifying vulnerabilities and architecting technical solutions to fortify our global ecosystem.

Professional Requirements

• Demonstrated ability to architect secure, distributed systems with a focus on programmatic IAM and automated, API-driven PKI management.
• Extensive experience with Infrastructure as Code (IaC) in Terraform and a deep commitment to writing clean, maintainable, and production-grade code—ideally in Golang.
• A test-first mentality toward security, with experience building unit and integration tests into CI/CD pipelines to ensure that security guardrails are as reliable as the features they protect.
• A strong conceptual grasp of cryptographic primitives and hands-on experience securing containerized workloads and service meshes within ECS and Kubernetes.
• A track record of taking end-to-end ownership of complex technical projects, from initial design docs and RFCs through to deployment and observability.
• A belief that if it isn't tested, it's broken, and a drive to proactively identify and fix vulnerabilities by treating security as a continuous engineering challenge.

Our Team Philosophy

The Security Engineering team is a diverse and dynamic group passionate about building secure and resilient systems. We're enthusiastic about security, but we're not about rigid, one-size-fits-all controls. We believe in striking a balance between protecting our systems and empowering our developers to build and innovate. Our goal is to make security a seamless part of the development lifecycle, not a roadblock. If you are someone who thrives in a collaborative environment and is excited about finding innovative security solutions, we would love to hear from you.

Our process:

Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team:

• Initial phone call - ~45 minutes
• Take home technical test to be discussed in the technical interview - ~3 hours
• Technical interview - ~1.5 hours
• Final Interview - ~40 minutes

Benefits

• 25 days holiday (plus take your public holiday allowance whenever works best for you)
• An extra day’s holiday for your birthday
• Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
• 16 hours paid volunteering time a year
• Salary sacrifice, company enhanced pension scheme
• Life insurance at 4x your salary & group income protection
• Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family-friendly policies
• Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
• Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing

About Us:

You may be put off applying for a role because you don't tick every box. Forget that! While we can’t accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren’t sure if you're 100% there yet, get in touch anyway. We’re on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.

Starling is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice.

By submitting your application, you agree that Starling may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.