Starling Bank

Senior Penetration Tester

Starling Bank

full-time

Posted on:

Location Type: Hybrid

Location: LondonUnited Kingdom

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AndroidAWSCloudGoGoogle Cloud PlatformiOSJavaKubernetesPython

About the role

  • Scoping and performing mobile, web application, cloud and infrastructure penetration tests.
  • Collaborating with engineering teams to facilitate secure development, including:
  • - Reviewing and analysing proposed technical solutions to identify appropriate security controls.
  • - Conducting code reviews of features and critical security components.
  • - Performing in-depth practical security testing.
  • - Advising on the remediation of security issues and identifying solutions to address root causes.
  • Automating security testing and developing internal tooling to achieve continuous assurance.
  • Identifying and implementing improvements to the team’s internal processes and procedures.
  • Mentoring less-experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling.

Requirements

  • 5+ years technical information security experience.
  • Experience in mobile, web application, cloud and infrastructure penetration testing.
  • Technical knowledge - we don't expect mastery of every area, but are looking for a good foundation in the following domains:
  • - Mobile security (iOS and Android)
  • - Web application security
  • - Networking and associated protocols
  • - Cloud security (AWS and GCP)
  • - Containers and Kubernetes
  • A desire to learn, and the ability to apply technical security knowledge to new and unfamiliar areas.
  • Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience.
  • Experience performing code reviews or code-assisted testing, particularly in Java and Go.
  • Experience in automation of security testing (e.g. using Python or Go).
  • Excellent verbal and written communication skills.
Benefits
  • 25 days holiday (plus take your public holiday allowance whenever works best for you)
  • An extra day’s holiday for your birthday
  • Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
  • 16 hours paid volunteering time a year
  • Salary sacrifice, company enhanced pension scheme
  • Life insurance at 4x your salary & group income protection
  • Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
  • Generous family-friendly policies
  • Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
  • Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testingmobile securityweb application securitycloud securitynetworking protocolscontainersKubernetescode reviewsautomation of security testingprogramming in Python
Soft Skills
collaborationmentoringcommunicationproblem-solvingleadership
Certifications
CREST Certified TesterOSCP