Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Build secure systems and automate defences for our core banking platform.
- Company: Join Engine by Starling, where security is a top priority.
- Benefits: Enjoy 33 days holiday, private medical insurance, and wellness perks.
- Why this job: Make a real impact in cloud security while working with cutting-edge tech.
- Qualifications: Experience in cloud security or strong programming skills in Go or Python.
- Other info: Collaborative team environment with opportunities for personal growth.
The predicted salary is between 48000 - 84000 £ per year.
At Engine by Starling, we don't do "checkbox security". We treat security as a first-class engineering discipline. As a Cloud Security Engineer, you will be a hands-on builder responsible for the security architecture of our multi-tenant core banking platform. You’ll spend your days writing code, automating defenses, and ensuring our infrastructure that spans across AWS and GCP is secure by design and compliant by default.
The Mission
This is a highly varied position where you will spearhead efforts to fortify both our infrastructure and application platforms. Your mission is to solve complex security problems through code, focusing on three core pillars:
- Identity & Network Security: Engineering robust IAM controls and zero-trust network architectures. You will lead the way in refining edge-defense strategies and trust redirection to ensure every request is verified and encrypted.
- Unified Vulnerability Orchestration: Building a custom "single pane of glass" for security data. You will engineer API integrations between scanning engines, dependency trackers, and internal portals to create a seamless, automated vulnerability ecosystem.
- Compliance as Code: Bridging the gap between technical execution and regulatory requirements. You will build the automated systems that provide real-time evidence for frameworks like SOC 2, ISO 27001 & PCI ensuring we stay compliant without manual overhead.
The Team
You will be a key member of our growing Security Engineering team, working at the intersection of our Infrastructure, Cross-Cutting, Information Security, and GRC teams. At Engine, we believe security should be at the heart of every technical process, not an afterthought. You won’t work in a silo; you’ll have close interaction with engineers across the business to deliver a platform that is resilient against evolving threats.
About You
We are primarily looking for experienced Cloud Security Engineers, but we are equally keen to talk to talented Software Engineers who possess strong programming skills and a genuine desire to apply their knowledge to security challenges. Engine engineers are motivated by impact and high-quality delivery, regardless of their original tech stack. Whether you are a security specialist or a developer with a "security-first" mindset, your place within the team will be shaped by your individual strengths and interests.
What you’ll get to do?
You won’t be manually checking boxes. You will be building the systems that check them for you.
- Security as Code: Design and maintain custom security tooling in Go to automate evidence collection for SOC2/ISO 27001 and remediation of security alerts.
- Infrastructure & IAM: Write and peer-review Terraform to manage identity and core infrastructure across AWS and GCP, ensuring the principle of least privilege is baked into the foundation and adhering to cloud security standards.
- Pipeline & Supply Chain: Contribute to maintaining the integrity of our software supply chain. You’ll integrate SAST/DAST/SCA tools into our CI/CD pipelines (GitHub Actions/TeamCity) and manage container provenance.
- Cloud Native Defense: Engineer Kubernetes security solutions focusing on Cilium, RBAC, and network policies to protect our microservices.
- Identity & Trust (PKI): Build and maintain our Certificate Authority (CA) tooling and internal PKI infrastructure. You will be a trusted guardian of our cryptographic foundations, participating in Key Ceremonies to ensure the highest level of root-level security.
- Incident Response & Research: Support the Information Security team and participate in incident response and post-mortem activities.
What skills are essential:
- The Builder Mindset: You have a background in software or infrastructure engineering. You find manual work a personal affront and prefer to solve problems through code.
- Polyglot-ish: You are proficient in Go (our preference) or Python.
- Cloud Native: You have deep, practical experience securing AWS or GCP and have managed them at scale using Terraform.
- Container Expert: You understand the nuances of Kubernetes security - from the runtime to the service mesh.
- Identity Mastery: Expert knowledge of cloud identity models.
- Networking: Strong understanding of network protocols.
What skills are desirable:
- Experience with Cilium networking or advanced K8s hardening (CKS/CKA).
- Deep knowledge of cryptography management and hardware security modules.
- Familiarity with container signing (Sigstore/Cosign) and image provenance.
- Cloud-native security certifications (AWS Security Specialist / GCP Professional).
- Experience working with CSA CCM.
33 days holiday (including public holidays, which you can take when it works best for you). An extra day’s holiday for your birthday. Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off. 16 hours paid volunteering time a year. Salary sacrifice, company enhanced pension scheme. Life insurance at 4x your salary & group income protection. Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton. Generous family-friendly policies. Incentives refer a friend scheme. Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks. Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing.
Senior Cloud Security Engineer (Automation & Tooling) - Engine by Starling employer: Starling Bank Limited
Contact Detail:
Starling Bank Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Cloud Security Engineer (Automation & Tooling) - Engine by Starling
✨Tip Number 1
Network like a pro! Reach out to current employees at Engine by Starling on LinkedIn. Ask them about their experiences and any tips they might have for the interview process. Personal connections can give you an edge!
✨Tip Number 2
Show off your skills! Prepare a portfolio or GitHub repository showcasing your coding projects, especially those related to cloud security. This is your chance to demonstrate your hands-on experience and problem-solving abilities.
✨Tip Number 3
Practice makes perfect! Conduct mock interviews with friends or use online platforms to get comfortable with common technical questions. Focus on articulating your thought process while solving security challenges.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in joining the team at Engine by Starling. Don’t miss out on this opportunity!
We think you need these skills to ace Senior Cloud Security Engineer (Automation & Tooling) - Engine by Starling
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Senior Cloud Security Engineer role. Highlight your coding abilities, cloud security experience, and any relevant projects that showcase your problem-solving mindset.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about security as a first-class engineering discipline. Share specific examples of how you've tackled complex security challenges in the past and how you can contribute to our mission.
Showcase Your Technical Skills: Don’t shy away from listing your technical proficiencies, especially in Go, Terraform, and cloud platforms like AWS and GCP. We want to see your hands-on experience and how you’ve applied your knowledge to real-world scenarios.
Apply Through Our Website: We encourage you to apply directly through our website for a smoother application process. This way, we can easily track your application and ensure it gets the attention it deserves!
How to prepare for a job interview at Starling Bank Limited
✨Know Your Tech Inside Out
Make sure you’re well-versed in the technologies mentioned in the job description, especially Go and Terraform. Brush up on your knowledge of AWS and GCP security practices, as well as Kubernetes security nuances. Being able to discuss these topics confidently will show that you're not just familiar with them, but that you can apply them effectively.
✨Demonstrate Your Builder Mindset
Prepare examples of how you've solved complex problems through code in previous roles. Highlight any automation or tooling you've developed, especially in relation to security. This will help illustrate your proactive approach and your ability to think like a builder, which is crucial for this role.
✨Showcase Your Collaboration Skills
Since this role involves working closely with various teams, be ready to discuss how you've collaborated with others in the past. Share specific instances where your teamwork led to successful outcomes, particularly in security projects. This will demonstrate that you understand the importance of communication and collaboration in achieving security goals.
✨Prepare for Scenario-Based Questions
Expect to face scenario-based questions that test your problem-solving skills in real-world situations. Think about potential security challenges related to identity management, vulnerability orchestration, and compliance. Practising your responses to these scenarios will help you articulate your thought process and decision-making skills during the interview.
