At a Glance
- Tasks: Support compliance management and risk assessment in a dynamic security environment.
- Company: Join Engine by Starling, a forward-thinking company reshaping banking.
- Benefits: Hybrid working, diverse team, and opportunities for professional growth.
- Why this job: Make a real impact on security standards while collaborating with innovative teams.
- Qualifications: 3+ years in information security and experience with compliance frameworks.
- Other info: Open to diverse backgrounds; we value your unique experiences.
The predicted salary is between 36000 - 60000 £ per year.
Hybrid Working
We have a Hybrid approach to working here at Engine – our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person.
About the Role
In this role you will be instrumental in helping us maintain and mature our governance, risk, and compliance program. You'll play a crucial part in ensuring our ongoing adherence to security standards and regulations, building a foundation of trust for our clients and stakeholders. This is a hands-on role, ideally suited to someone who can engage with stakeholders across our business.
What you'll get to do:
- Compliance Management: Support the day-to-day management of our compliance programs, with a primary focus on ISO 27001, SOC 2, and PCI DSS/3DS.
- Audit Support: Act as a key liaison for internal and external auditors, helping to gather evidence, prepare for audits, and track the timely remediation of any findings.
- Risk Management: Participate in our risk assessment process, helping to identify, analyse, and document information security risks. You'll also assist in developing and monitoring risk treatment plans.
- Policy & Procedure Maintenance: Help to develop, update, and maintain our information security policies, standards, and procedures to ensure they are current, accurate, and aligned with compliance requirements.
- Evidence Collection & Review: Automate and streamline the collection of evidence for our various compliance frameworks to ensure audit readiness.
- Cross-Functional Collaboration: Work closely with our Engineering, Product and Security Operations teams to embed security controls into our processes and culture.
- Continuous Improvement: Identify opportunities to improve the effectiveness and efficiency of our GRC program and related processes.
Essential
- A minimum of 3 years of experience in an information security role.
- Proven experience in supporting and managing compliance efforts for ISO 27001, SOC 2, and PCI DSS.
- Strong skills in security metrics and reporting.
- Experience with audit processes and evidence collection.
- A proactive, organized, and detail-oriented approach to your work.
- Experience with GRC software is a plus.
Desired qualifications (if you have some of these, great!)
- CompTIA Security+
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Security Professional (CISSP)
About Us
You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems.
Engine by Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.
When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Information Security Analyst (GRC) - Engine by Starling employer: Starling Bank Limited
Contact Detail:
Starling Bank Limited Recruiting Team
StudySmarter Expert Advice
We think this is how you could land Information Security Analyst (GRC) - Engine by Starling
Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, or join online forums. The more connections we make, the better our chances of landing that dream job.
Tip Number 2
Prepare for those interviews! Research the company and its culture, and be ready to discuss how your experience aligns with their needs. We want to show them we're the perfect fit!
Tip Number 3
Don't forget to follow up after interviews! A quick thank-you email can go a long way in keeping us top of mind. Plus, it shows we're genuinely interested in the role.
Tip Number 4
Apply through our website! It's the best way to ensure our application gets seen by the right people. Plus, we love seeing familiar names when we review applications!
Some tips for your application
Tailor Your CV: Make sure your CV speaks directly to the role of Information Security Analyst. Highlight your experience with ISO 27001, SOC 2, and PCI DSS, as these are key areas for us. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're excited about the role and how your background makes you a perfect fit. Don't forget to mention your proactive approach and any relevant certifications you hold.
Showcase Your Collaboration Skills: Since this role involves working closely with various teams, make sure to highlight any past experiences where you've successfully collaborated across departments. We love seeing candidates who can engage with stakeholders effectively!
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It's the best way for us to receive your application and ensures you don't miss out on any important updates from our team!
How to prepare for a job interview at Starling Bank Limited
Know Your Compliance Standards
Make sure you brush up on ISO 27001, SOC 2, and PCI DSS before your interview. Being able to discuss these frameworks confidently will show that you're not just familiar with them, but that you can actively contribute to the compliance management process.
Prepare for Audit Scenarios
Think about past experiences where you've supported audits or collected evidence. Be ready to share specific examples of how you liaised with auditors and what steps you took to ensure audit readiness. This will demonstrate your hands-on experience in a practical way.
Showcase Your Risk Management Skills
Be prepared to discuss your approach to risk assessment and management. Think of examples where you've identified and documented security risks, and how you developed risk treatment plans. This will highlight your proactive and detail-oriented nature.
Emphasise Cross-Functional Collaboration
Since this role involves working closely with various teams, be ready to talk about how you've successfully collaborated with different departments in the past. Share specific instances where you embedded security controls into processes, showcasing your ability to engage stakeholders effectively.