Business Information Security Officer (BISO) at Engine by Starling | London

Engine by Starling is a pioneering cloud-native SaaS platform developed by Starling Bank, the UK's first and leading digital bank. We empower over 4.6 million customers and small businesses with intuitive financial tools that help them manage their money efficiently and effectively. Our mission is to spread this innovative approach to banking globally.As a cloud-native solution, Engine offers a robust platform that supports banks, building societies, and credit unions around the globe. We enable our partners to leverage advanced digital features and streamlined back-office processes that have contributed to Starling's remarkable success.At Engine, we embrace five core principles: listen, keep it simple, do the right thing, own it, and aim for greatness. Since our inception in 2022, we have rapidly grown, adopting an agile mindset that fosters innovation and adaptability. We cultivate an environment where our team members and partners can collaborate openly, take ownership, and drive projects forward.Hybrid Working EnvironmentOur headquarters are located in London, with additional offices in Manchester, Cardiff, and Southampton, as well as international locations in Dublin, Sydney, Dubai, Toronto, and New York. We prefer that our team members are within a reasonable commuting distance from one of our UK offices to facilitate in-person collaboration.Role OverviewAs the Business Information Security Officer (BISO), you will be instrumental in defining our security objectives and practices, leading the ongoing enhancement of our Information Security capabilities, and managing a dedicated Information Security Team. You will act as the primary liaison between Engine and Starling Bank’s Information Security teams, addressing all security-related inquiries from clients and auditors.We seek a curious and adaptable information security professional with strong leadership abilities who enjoys a collaborative and dynamic work environment. If you are passionate about problem-solving and engaging with diverse stakeholders, we would love to hear from you.

Starling Bank brings together over 3,000 professionals across London, Southampton, Cardiff, and Manchester to deliver digital banking services in the UK. The company is known for combining technology-driven solutions with the reliability expected from a fully licensed bank. Its culture centers on values such as Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Role overview The Director of Information Security leads the Office of the CISO and reports directly to the Chief Information Security Officer. This position manages a team of Information Security analysts and plays a key role in shaping and strengthening Starling Bank's security capabilities and governance. This role is designed for a seasoned information security leader who has experience building teams and driving continuous improvement. It offers a path for those considering future advancement to a CISO role. Main responsibilities Oversee the Information Security Policy Framework, ensuring alignment with the needs of Starling Group and its stakeholders, and maintaining compliance with legislation and industry standards. Develop and maintain standards for implementing security controls and procedures. Collaborate with external organizations and regulatory bodies to enhance Starling’s security posture. Location This position is based in London, England, United Kingdom.

At Engine by Starling, we prioritize security as a vital component of our engineering practice. As a Senior Cloud Security Engineer, you will play a critical role in shaping the security architecture of our multi-tenant core banking platform. Your responsibilities will include writing code, automating security defenses, and ensuring our infrastructure across AWS and GCP is secure by design and compliant by default.Your MissionIn this dynamic role, you will lead initiatives to strengthen both our infrastructure and application platforms. You'll tackle complex security challenges through code, focusing on three key areas:Identity & Network Security: Develop robust IAM controls and implement zero-trust network architectures. You will refine edge-defense strategies ensuring every request is validated and encrypted.Unified Vulnerability Orchestration: Create a custom dashboard for security data by engineering API integrations between scanning tools, dependency trackers, and internal portals to establish a streamlined, automated vulnerability ecosystem.Compliance as Code: Align technical execution with regulatory requirements. Build automated systems that deliver real-time evidence for compliance frameworks such as SOC 2, ISO 27001 & PCI, reducing manual overhead.Your TeamYou will be a vital member of our expanding Security Engineering team, collaborating closely with our Infrastructure, Cross-Cutting, Information Security, and GRC teams. At Engine, we believe security should be integral to every technical process, not an afterthought. You will work collaboratively with engineers across the organization to create a resilient platform against evolving threats.About YouWe are seeking experienced Cloud Security Engineers, but we also welcome talented Software Engineers with strong programming skills who are eager to apply their expertise to security challenges. Engine engineers are driven by impact and high-quality outcomes, irrespective of their original tech stack. Whether you are a security specialist or a developer with a

Join Engine by Starling, where we are dedicated to partnering with top-tier banks worldwide to fuel their ambitions for rapid business growth through our cutting-edge technology.As a software-as-a-service (SaaS) division of Starling Bank, Engine was established to provide the innovative technology that has powered Starling's remarkable success. Our platform is now available for banks and financial institutions globally, allowing them to leverage advanced digital features and streamlined back-office processes.At Engine, we foster a collaborative environment where every team member contributes to delivering exceptional results for our clients. We are engineering-focused and seek passionate individuals eager to harness Engine’s technology to revolutionize banking across various markets. Our work is driven by five core values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.Hybrid Working ModelWe embrace a Hybrid working model at Engine, preferring that team members reside within a commutable distance from our offices to facilitate in-person collaboration.About Engineering at Engine by Starling - https://www.enginebystarling.com/We are actively seeking iOS Engineers to enhance the Engine Platform, ensuring our features cater to banks worldwide while also developing new functionalities that have yet to launch in the UK market.Engine by Starling engineers are enthusiastic about contributing to the rollout of new features, regardless of their primary technology stack. Learn more about our team through the case studies below, including our collaboration with Women In Tech.

Starling Bank stands as the UK’s pioneering digital bank, dedicated to transforming the banking experience for over 4 million customers across the nation. With a vibrant team of more than 3,000 professionals based in our UK offices, we are committed to leveraging technology to empower individuals to save, spend, and manage their finances in revolutionary ways. Introducing... Engine by Starling.Engine by Starling, our software-as-a-service (SaaS) platform, originated from the technology that powers Starling Bank, and has since evolved into a separate entity. Our mission is to collaborate with ambitious banks globally to help them build rapidly growing businesses utilizing our innovative technology.This SaaS technology platform offers banks and financial institutions worldwide access to cutting-edge digital features and streamlined back-office processes, contributing to Starling's remarkable success.At Engine by Starling, we place our technologists at the core of our operations, fostering a dynamic environment focused on innovation, creativity, and disruptive technology that keeps us at the forefront of the fintech landscape. We embrace a flat organizational structure that empowers you to make impactful decisions, regardless of your primary role. Collaboration and support are embedded in our open culture, ensuring that you are never alone in your endeavors.Thriving at Engine requires a self-motivated individual with a strong sense of ownership, whether you're building, designing, or sharing knowledge with your colleagues. Our commitment to efficiency and productivity is paramount to delivering exceptional results for our customers, guided by our core values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.Hybrid WorkingWe adopt a Hybrid working model, ideally situated within a reasonable commuting distance from our London office to facilitate in-person collaboration.About the RoleAs a Solution Architect (SA), you will utilize your expertise in Engine's technology and architecture to articulate the Engine product, identify client requirements, and contribute to the design of tailored solutions.Your involvement will span both the sales and delivery phases of projects, as well as ongoing client success, working alongside teams from Technology, Delivery, Product, Client Success, and Business Development.We are looking for a proactive individual capable of thriving in a fast-paced environment, ready to engage with clients and deliver outstanding technological solutions.

Join the dynamic Engineering team at Engine by Starling, where we prioritize security as a fundamental engineering discipline rather than a mere checkbox exercise. As a Cloud Security Engineer, you will play a pivotal role in shaping the security architecture of our multi-tenant core banking platform. Your responsibilities will include writing code, automating security measures, and ensuring that our infrastructure across AWS and GCP is secure by design and compliant by default.Your MissionIn this multifaceted role, you will lead initiatives to strengthen both our infrastructure and application platforms. Your primary focus will be on solving intricate security challenges through code, emphasizing three key areas:Identity & Network Security: Develop robust IAM controls and zero-trust network architectures. You will enhance our edge-defense strategies and trust redirection to ensure that every request is authenticated and encrypted.Unified Vulnerability Orchestration: Create a custom dashboard for security data. You will engineer API integrations between scanning engines, dependency trackers, and internal portals to establish a cohesive, automated vulnerability management ecosystem.Compliance as Code: Bridge the gap between technical execution and regulatory compliance. You will develop automated systems that provide real-time evidence for compliance frameworks such as SOC 2, ISO 27001, and PCI, minimizing manual oversight.About the TeamYou will be an integral member of our expanding Security Engineering team, collaborating closely with our Infrastructure, Cross-Cutting, Information Security, and GRC teams. At Engine, we believe that security should be woven into every technical process, not treated as an afterthought. You will engage with engineers across the organization to create a resilient platform that can adapt to evolving threats.Who You AreWe are primarily seeking experienced Cloud Security Engineers, but we also welcome talented Software Engineers with strong programming skills who are eager to tackle security challenges.Engine engineers are driven by the impact of their work and the delivery of high-quality solutions, regardless of their original tech stack. Whether you are a security specialist or a developer with a security-first mindset, your role within the team will be shaped by your unique strengths and interests.Your ResponsibilitiesInstead of performing manual compliance checks, you will develop systems that automate this process.Security as Code: Design and maintain custom security tools in Go to automate evidence collection for SOC 2, ISO 27001, and the remediation of security alerts.

Join us at Engine by Starling, where we collaborate with top-tier banks globally to revolutionize banking through our cutting-edge technology.Engine operates as Starling's software-as-a-service (SaaS) division, initially designed to fuel Starling's growth. Two years ago, we transitioned into an independent entity, enabling banks and financial institutions worldwide to leverage our innovative platform.Starling Bank has experienced remarkable success, largely due to our proprietary technology, which enhances digital features and streamlines back-office operations. As a team, we embrace a hands-on approach, striving for outstanding results for our clients. We are driven by values such as Listening, Simplicity, Integrity, Ownership, and Striving for Excellence.Hybrid Work EnvironmentWe promote a hybrid work model at Engine, encouraging team members to work within a commutable distance from our office to foster collaboration and interaction.About Engineering at Engine by StarlingWe seek talented Backend Software Engineers to enhance our Engine Platform by developing new extensions and integrations for our card processing system, ensuring it stands out for banks worldwide.Our engineers are passionate about delivering innovative features, regardless of their primary tech stack. Discover more about our team through our day-to-day insights and initiatives with Women In Tech.

Role overview The Chief Information Security Officer at mangroup will lead information security efforts from the London office. This executive position carries responsibility for shaping the overall security strategy, protecting digital assets, and managing risks throughout the company. Key responsibilities Direct the creation and rollout of cybersecurity programs Safeguard company data and digital systems from security threats Identify, evaluate, and manage information security risks Work closely with senior leadership to ensure security initiatives support business objectives Maintain compliance with applicable regulations and industry standards Location This position is based in London.

Join Palantir Technologies as an Information Security Engineer in London, where you will play a critical role in safeguarding our cutting-edge technology and sensitive data. Your expertise will help us develop and implement robust security strategies, ensuring that our platforms remain secure against evolving threats.

About Starling Bank Starling Bank is a digital bank based in London, focused on providing a fairer and more human alternative to traditional banking. The team combines advanced technology with a commitment to integrity and fairness. With a branchless and mainly paperless approach, Starling emphasizes responsible banking, sustainability, and inclusivity. The company’s five core values, Listen, Keep It Simple, Do The Right Thing, Own It, and Aim for Greatness, guide both strategy and culture. Role Overview: Employee Relations Partner The Employee Relations Partner plays a key role in supporting Starling’s people and leaders. This position provides expert Employee Relations support, helping managers navigate complex casework and ensuring that all actions align with company policies and legal requirements. Location London, England, United Kingdom

At Engine by Starling, we are dedicated to collaborating with premier banks globally that aspire to develop rapidly growing businesses using our cutting-edge technology.Engine represents Starling's software-as-a-service (SaaS) division, crafted to power Starling Bank, and has operated as an independent business for the past two years.Starling Bank has achieved remarkable growth and success, largely attributed to our development of modern technology from the ground up. Our SaaS platform is now accessible to banks and financial institutions worldwide, allowing them to leverage innovative digital features and efficient back-office processes that have contributed to Starling's success.As a company, we encourage everyone to actively contribute towards delivering exceptional outcomes for our clients. We are an engineering-driven organization seeking an individual who is enthusiastic about the potential of Engine's technology to revolutionize banking across diverse markets globally.Hybrid WorkingOur Hybrid working model is designed to promote collaboration and interaction, with a preference for candidates located within a commutable distance from our offices.About the RoleThe Engine Platform is a highly adaptable core banking solution that supports clients worldwide. In this role, you will focus on the development and execution of our core platform's technical strategy, encompassing integrations, connections, configurations, and internal tools that facilitate the platform's growth while enabling our clients to connect with local providers seamlessly.As a Technical Platform Owner at Engine, you will work closely with various teams across technology, collaborating with our engineering and product teams to ensure our technology platform fulfills the requirements of our clients and partner engineers. You will also align the platform with the company's overall technical strategy and long-term objectives, ensuring a smooth integration process with Engine.At Engine, we take pride in creating products we believe in. We emphasize user experience, often delivering polished solutions while remaining flexible enough to make strategic moves when necessary. We believe that excelling in product development requires clear communication, focused efforts, and a willingness to challenge conventional practices. We're open-minded in our hiring approach, valuing skills and attitude over specific experiences or qualifications.

Welcome to Starling Bank, where innovation meets banking! We are a pioneering, fully licensed UK bank determined to revolutionize the way individuals save, spend, and manage their finances. With a culture akin to a fast-paced tech company, we pride ourselves on being fairer, more user-friendly, and committed to simplifying the financial experience for everyone. Our vibrant team of over 3,500 professionals spans across our offices in London, Southampton, Cardiff, and Manchester.Role Overview:We are looking for an exceptional Director of Governance to lead a dedicated team that ensures the efficient functioning of the Starling Bank Limited board and executive risk committee framework. This pivotal role involves ensuring compliance with PRA and FCA regulations while upholding the highest standards of corporate governance.Your passion for corporate governance and your drive for continuous improvement will thrive in our dynamic environment. This senior leadership position requires close collaboration with board members and senior executives, where you will exemplify a steadfast commitment to excellence.As a proficient communicator, you will be instrumental in shaping and implementing the Bank’s corporate governance strategy while supporting the broader Group Company Secretariat objectives. A robust background in regulated financial services and/or banking is crucial for success in this role.Key Responsibilities:Lead and develop a high-performing corporate governance team of four, including one direct report (Senior Assistant Company Secretary - UK Bank).Collaborate with the Group Company Secretary and Deputy Company Secretary to provide exceptional company secretariat support to the Starling Bank Board.Oversee company secretariat support for the Starling Bank Board Risk Committee, including agenda preparation, document circulation, high-quality minute-taking, and maintaining effective communication with senior management.Facilitate annual effectiveness reviews of board and executive level risk committees, driving continuous enhancement in governance standards.Monitor and advise on evolving corporate governance trends, emerging regulatory changes, and industry best practices.Contribute to the Group Annual Report and Accounts from the Bank's perspective.

Join Starling Bank, the UK's pioneering digital bank, on a transformative mission to revolutionize banking! We harness technology to empower individuals to save, spend, and manage their finances more effectively.As a fully licensed bank in the UK, we embody the innovative spirit and agility of a tech company. Our approach is fairer, simpler, and designed to demystify money for everyone. With over 3,000 employees across London, Southampton, Cardiff, and Manchester, we foster a vibrant work culture.At Starling, our technologists play a crucial role in shaping our future, thriving in a dynamic environment focused on building and innovating cutting-edge fintech solutions. We embrace a flat organizational structure that encourages decision-making and collaboration across all levels. Our open culture ensures that support is readily available from your team and the wider business, promoting collective success!To excel at Starling, you should be self-motivated and take full ownership of your work. This includes everything from developing new solutions to sharing knowledge and enhancing processes for optimal customer outcomes. Our values—Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness—are central to our mission.Hybrid WorkingWe offer a hybrid work model. While we encourage team interactions in the office, we prefer candidates to be within a commutable distance to one of our locations.Our Engineering EnvironmentStarling engineers are driven by the desire to deliver exceptional features. We welcome engineers of all experience levels who are passionate about coding and customer service. Our team is diverse and thrives on tackling various challenges together to transform banking for the better.As a Cloud Security Engineer at Starling, you will develop and maintain tooling and infrastructure across AWS and GCP, supporting internal operations and collaborating with various teams to deliver essential services for our business.

The impact you'll make:As the Information Security Team Lead, you will spearhead the daily operations and enhancement of Elliptic's information and cyber security initiatives. Your role will involve driving the adoption of SSDLC v2.0, strengthening our cloud and SaaS security frameworks, and ensuring readiness for external audits and customer due diligence. Collaborate closely with Engineering, Platform, Legal, Procurement, and Customer teams to mitigate risks while facilitating delivery and revenue, including the implementation of Enterprise Tier security features.Your responsibilities will include:Programme Ownership and ExecutionLead the execution of the InfoSec roadmap and performance metrics. Transform strategic objectives into actionable quarterly plans with quantifiable results.Establish necessary gates, controls, and reporting mechanisms for SSDLC v2.0 across build and deployment pipelines.Direct the baselining of CSPM/SSPM and the targeted reduction of misconfigurations and vulnerabilities.Risk Management, Assurance, and Audit PreparednessOversee ISMS processes in compliance with ISO 27001. Organize evidence collection for customer audits and external assurances (e.g., penetration testing, TPOs).Lead or contribute to risk management forums. Ensure prompt remediation, risk acceptance, and tracking of exceptions.Cloud and SaaS Security EnhancementsCollaborate with the Platform team to fortify AWS (IAM, KMS, network segmentation, Security Hub, GuardDuty, logging).Enhance endpoint security, identity and access management, vulnerability management, and logging throughout the organization.Leadership and Team CollaborationProvide daily guidance to TISO, Analysts, and cross-functional contributors.Foster a pragmatic, developer-friendly security culture through enablement, playbooks, and training.Vendor Management and Data GovernanceManage vendor security due diligence with defined SLAs and documentation trails. Assist data protection and BC/DR control owners.Required Qualifications:Demonstrated experience leading security initiatives in a cloud-native product environment.Deep understanding of security frameworks and compliance standards.Strong communication skills with the ability to collaborate effectively across teams.

Join Smartdesc as an Information Security ConsultantLocation: Field-based, primarily in the London areaEmployment Type: Full-timeSalary: £70,000 - £80,000As an Information Security Consultant at Smartdesc, you will collaborate with the Information Security and technical delivery teams to implement robust security solutions for our clients.Your role will involve providing strategic guidance on Information Security, aiding clients in enhancing their security posture, and overseeing a variety of security projects. This includes assisting clients in implementing security controls, conducting assessments based on industry best practices, and delivering assessment reports to Senior Leadership Teams to bolster their security measures.The position encompasses a diverse array of responsibilities, from strategic governance and risk management to advising non-profit organizations on maximizing the value of Microsoft Business Premium, E3, and E5 security solutions. You should be comfortable presenting security information to varied audiences, from part-time volunteers to executive boards.This customer-facing role demands a meticulous eye for detail and a proven track record in delivering exemplary Information Security practices.Key ResponsibilitiesAssess and identify steps organizations must take to enhance their security posture, creating roadmaps for continuous improvement while maximizing existing Microsoft licensing.Align security practices with frameworks and standards such as Cyber Essentials, NCSC CAF, and ISO 27001.Own or oversee key Information Security processes and procedures.Manage the Smartdesc MDR management service.Implement and oversee Information Security Risk Management programs.Identify and manage remediation actions to mitigate risks.Develop and maintain Information Security Policies.Create and deliver general and role-specific Information Security Training and Awareness programs.Raise, investigate, and manage IT Security incidents, ensuring appropriate follow-up actions.Provide IT security support to various business functions, including digital teams, IT infrastructure, and IT Service Desk.Develop and oversee Information Security Internal Audit programs.Supervise ongoing security testing, reviews, and audits.

Kroo Bank is redefining banking by creating a customer-centric experience that prioritizes responsible financial management and leverages technology to simplify, democratize, and enhance transparency in everyday banking. As a fully regulated UK bank, we are supported by dedicated investors and are on a mission to grow our customer base while pursuing ambitious goals. Our commitment to excellence is evident in our fast-paced operations, thoughtful decision-making, and adherence to the highest standards of service, product development, risk management, and employee care.Job Overview:We are seeking a dynamic Head of Information Security (HoIS) to lead our IT security strategy and safeguard the organization against security threats targeting our digital assets. In this role, you will direct the security strategy, oversee operations, and drive product development to protect our enterprise information. Your responsibilities will include fostering security awareness, managing security operations, and ensuring robust policies and procedures are in place.Key Responsibilities:Oversee the daily operations and execution of the information security strategy.Design and maintain a proactive security roadmap encompassing cloud, mobile, AI, and software platforms.Work collaboratively with technology leaders to implement innovative security technologies and next-generation solutions.Guarantee secure configurations and ensure continuous compliance across IaaS, PaaS, and SaaS environments.Conduct ongoing assessments of existing security practices and systems, identifying and addressing areas for enhancement.Perform security audits and risk assessments, providing recommendations to mitigate threats and vulnerabilities.Manage the Information Security Management System (ISMS) and uphold ISO 27001 certification.Ensure adherence to relevant compliance and governance standards.Collaborate with operational teams to develop, implement, and test business continuity plans for security breaches and disaster recovery scenarios.Safeguard the organization's intellectual property consistently.Monitor security vulnerabilities and potential hacking threats across network and host systems.Lead security operations, including Managed SOC, threat intelligence, detection, and response capabilities.Establish KPIs and KRIs to measure security maturity and provide consistent security reporting to Executive and Board stakeholders.Manage and nurture the information security team.Promote and educate the organization on the latest security strategies and technologies.Oversee the IT security budget and communicate effectively with stakeholders.

Founded in 1987, ICTS UK Ltd is a leader in integrated security and customer services, delivering exceptional solutions in the most challenging environments. Our innovative approach allows us to collaborate with a diverse range of clients, including major public attractions, leisure facilities, financial institutions, retail, public sector organizations, transport services, and government entities.We are actively seeking dedicated Security Officers to join our esteemed team on high-profile contracts in the vibrant West London area. If you are looking for a fulfilling career where you can make a difference, we invite you to apply.As a Security Officer, you will be part of a close-knit team, requiring a commitment to reliability and flexibility. These positions are permanent and offer an immediate start.Key Responsibilities:Access ControlConducting Security PatrolsResponding to IncidentsProviding Excellent Customer ServiceReport WritingCompleting Daily Operational PaperworkAdhering to all company/client procedures and policiesFollowing all managerial directivesMaintaining High Standards of ProfessionalismPromoting ICTS UK Ltd positively at all times

Starling Bank is looking for a Business Analyst to join the Finance Transformation team in London. This position focuses on finance change projects designed to improve the bank’s operations and enhance customer service. Key responsibilities Collaborate with colleagues across departments to deliver financial projects. Analyze data to identify trends and patterns. Turn analysis into actionable recommendations that inform business strategy. Contribute to efforts that streamline processes and make them more customer-focused. Location This role is based in London, England, United Kingdom.

The Savoy Hotel in London seeks a Security Officer to help maintain a safe and welcoming atmosphere for guests and staff. This position is part of a team known for its high standards and attention to detail. Main responsibilities Monitor the premises to ensure the safety of everyone on site Respond to incidents and support the hotel's commitment to a secure environment Uphold the reputation and standards of The Savoy Hotel through professional conduct What this role involves This role focuses on vigilance, quick response, and a dedication to guest and staff safety. Security Officers are expected to remain alert, approachable, and discreet while handling daily responsibilities. Location This position is based at The Savoy Hotel in London.

AJ Bell seeks a Senior Information Security Engineer to strengthen the protection of company information systems and support compliance initiatives. The position is offered as a hybrid role, with the option to work from either the Manchester or London office and some flexibility for remote work. Key responsibilities Identify and assess security vulnerabilities within company systems Implement and maintain security controls to protect data and infrastructure Collaborate with teams across the business to promote effective security practices Assist in maintaining compliance with relevant regulations and internal policies Location This role is based in Manchester or London with a hybrid work arrangement, allowing for both office presence and remote work.