At a Glance
- Tasks: Support compliance management and risk assessment in a dynamic security environment.
- Company: Join Engine by Starling, a forward-thinking company reshaping banking.
- Benefits: Enjoy hybrid working, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on security standards while collaborating with diverse teams.
- Qualifications: 3+ years in information security with experience in compliance frameworks.
- Other info: We value diversity and encourage applicants from all backgrounds.
The predicted salary is between 36000 - 60000 £ per year.
Hybrid Working
We have a Hybrid approach to working here at Engine – our preference is that you’re located within a commutable distance of one of our offices so that we’re able to interact and collaborate in person.
About the Role
In this role you will be instrumental in helping us maintain and mature our governance, risk, and compliance program. You’ll play a crucial part in ensuring our ongoing adherence to security standards and regulations, building a foundation of trust for our clients and stakeholders. This is a hands‑on role, ideally suited to someone who can engage with stakeholders across our business.
What you’ll get to do:
- Compliance Management: Support the day‑to‑day management of our compliance programs, with a primary focus on ISO 27001, SOC 2, and PCI DSS/3DS.
- Audit Support: Act as a key liaison for internal and external auditors, helping to gather evidence, prepare for audits, and track the timely remediation of any findings.
- Risk Management: Participate in our risk assessment process, helping to identify, analyse, and document information security risks. You’ll also assist in developing and monitoring risk treatment plans.
- Policy & Procedure Maintenance: Help to develop, update, and maintain our information security policies, standards, and procedures to ensure they are current, accurate, and aligned with compliance requirements.
- Evidence Collection & Review: Automate and streamline the collection of evidence for our various compliance frameworks to ensure audit readiness.
- Cross‑Functional Collaboration: Work closely with our Engineering, Product and Security Operations teams to embed security controls into our processes and culture.
- Continuous Improvement: Identify opportunities to improve the effectiveness and efficiency of our GRC program and related processes.
Essential
- A minimum of 3 years of experience in an information security role.
- Proven experience in supporting and managing compliance efforts for ISO 27001, SOC 2, and PCI DSS.
- Strong skills in security metrics and reporting.
- Experience with audit processes and evidence collection.
- A proactive, organized, and detail‑oriented approach to your work.
- Experience with GRC software is a plus.
Desired qualifications (if you have some of these, great!)
- CompTIA Security+
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Security Professional (CISSP)
About Us
You may be put off applying for a role because you don’t tick every box. Forget that! While we can’t accommodate every flexible working request, we’re always open to discussion. So, if you’re excited about working with us, but aren’t sure if you’re 100% there yet, get in touch anyway. We’re on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.
Engine by Starling is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.
When you provide us with this information, you are doing so with your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, our purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Information Security Analyst (GRC) - Engine by Starling employer: Starling Bank
Contact Detail:
Starling Bank Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Analyst (GRC) - Engine by Starling
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, or join online forums. The more connections you make, the better your chances of landing that dream job.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their values and how they align with your own. This will help you stand out and show you're genuinely interested in being part of the team.
✨Tip Number 3
Practice your responses to common interview questions. Use the STAR method (Situation, Task, Action, Result) to structure your answers. This will help you articulate your experience clearly and confidently.
✨Tip Number 4
Don’t forget to follow up after your interview! A simple thank-you email can go a long way in keeping you top of mind. Plus, it shows your enthusiasm for the role and the company.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Analyst role. Highlight your experience with compliance frameworks like ISO 27001, SOC 2, and PCI DSS. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're excited about this role and how you can contribute to our governance, risk, and compliance programme. Let us know what makes you a great fit for our team.
Showcase Your Experience: When detailing your experience, focus on specific projects or tasks that relate to audit support and risk management. We love seeing concrete examples of how you've tackled challenges in the past!
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep everything organised and ensures your application gets the attention it deserves. Don’t hesitate – we’re excited to hear from you!
How to prepare for a job interview at Starling Bank
✨Know Your Compliance Standards
Make sure you’re well-versed in ISO 27001, SOC 2, and PCI DSS. Brush up on the key requirements and how they apply to the role. Being able to discuss these standards confidently will show that you’re serious about compliance management.
✨Prepare for Audit Questions
Since you'll be acting as a liaison for audits, think about common audit scenarios and how you would handle them. Prepare examples from your past experiences where you successfully gathered evidence or managed audit processes. This will demonstrate your hands-on experience.
✨Showcase Your Risk Management Skills
Be ready to discuss your approach to risk assessment and management. Think of specific instances where you identified and documented security risks, and how you developed treatment plans. This will highlight your proactive and detail-oriented nature.
✨Emphasise Cross-Functional Collaboration
This role requires working closely with various teams, so be prepared to talk about your experience collaborating with engineering, product, and security operations. Share examples of how you’ve embedded security controls into processes and fostered a culture of compliance.