IAM / IGA Security Engineer designing and implementing identity governance solutions. Collaborating with Security, IT, HR, and business stakeholders to ensure secure access governance.
About the role
- Lead Information Security initiatives at Starling, the UK's leading digital bank. Manage policy frameworks, team performance, and ensure compliance with security standards.
Responsibilities
- Manage and maintain the Information Security Policy Framework across Starling Group that addresses the needs of the Group, its customers, employees and other stakeholders in line with relevant legislation and industry standards.
- Establish and maintain standards for control implementation procedures.
- Liaise with external bodies and organisations to keep abreast of emerging trends, technologies and legislation that have an impact on Information Security.
- Support security controls assessment, and accreditation, e.g. ISO/IEC 27001.
- Manage the input to the Information Security Risk Register and ensure coherence with the Bank’s Risk Management framework.
- Act as point of contact for the second, third line of defense and other stakeholders (e.g. Legal, Regulatory Affairs) and coordinate audit and request response.
- Manage the creation of Board, committees and regulatory engagement meeting material and communication.
- Establish a framework and manage the Information Security reporting capability incl. regular revision of Key Risk and Performance Indicators.
- Support the CISO in the yearly Information Security strategy review and roadmap definition.
- Manage the Information Security related budget.
Requirements
- be a Self Starter with the ability to lead, inspire and drive change through an organisation.
- have the ability to be pragmatic while balancing the needs of the Bank against security.
- have an ability to think and plan strategically and systematically while recognizing the need to deliver to the business requirements.
- have previous experience working in a complex IT organisation encompassing service delivery, application development and IT infrastructure.
- an understanding of best practice within Information Security and risk management including standards such as ISO/IEC 27001, NIST, Cyber Essentials and COBIT.
- an understanding of legislation and regulations that impact information Security. E.g. Data Protection Act and GDPR, DORA, Freedom of Information Act, PCI DSS.
- Have previous experience in leading, developing and motivating a team.
- An understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats.
- An understanding of Cloud and AI related Security threats and countermeasures.
- A good knowledge of security technologies and wider business solutions including Identity and access management, security monitoring, and data security technologies.
- A good understanding of financial services and awareness of broader requirements.
- Share knowledge and provide guidance on internal bank first line related processes.
- Take responsibility and do the right thing for customers, colleagues and partners.
- It would be great if you have one or more of the following qualifications, but it’s not essential; Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor.
Benefits
- 33 days holiday (including public holidays, which you can take when it works best for you)
- An extra day’s holiday for your birthday
- Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
- 16 hours paid volunteering time a year
- Salary sacrifice, company enhanced pension scheme
- Life insurance at 4x your salary & group income protection
- Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
- Generous family-friendly policies
- Incentives refer a friend scheme
- Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
- Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior Consultant helping the Ministry of Defence with large - scale ICT projects and innovations in technology and security. Lead developments in networks and applications in cooperation with Defence Architects.
Software Security Engineer at Spectro Cloud focusing on securing Kubernetes - based platforms for AI infrastructure. Responsible for implementing security controls and managing incident responses across the platform.
Technical Operator handling ticket resolution and IT troubleshooting in a structured team environment for Managed Security Services. Interfacing with varied technical tools to support international clients.
Support Health, Safety, and Security processes at East West Rail. Coordinate training, manage budgets, and ensure compliance with regulatory standards.
AI Security Engineer focusing on adversarial machine learning and enterprise security architecture. Leading red team engagements and translating technical risk into governance frameworks.
AI Security Architect leading adversarial testing for enterprise AI products, integrating security findings into governance frameworks. Collaborating with engineering and compliance functions in a hybrid work environment.
Leading GRC & IT Security Consulting at Orange Cyberdefense in Zürich. Drive business growth and manage client relationships while leading a technical consulting team.
Senior Endpoint Security Engineer at Metric5 managing CrowdStrike Falcon deployment for Department of Treasury. Overseeing sensors rollout and resolving high - tier architectural issues in diverse IT environments.
Cybersecurity Sales Specialist responsible for driving sales across Fortune 250 accounts. Engage with C - suite leaders to enhance cybersecurity solutions and strategies across global enterprises.