Start Hiring Start Applying
Start Applying

StudySmarter Job Board

Senior Penetration Tester
Apply now
Job Board
Companies
Starling
Senior Penetration Tester

Senior Penetration Tester

Full-Time 60000 - 80000 £ / year (est.) Home office (partial)
Apply now Go Premium
S

At a Glance

  • Tasks: Join our team to perform cutting-edge penetration testing and enhance security across our digital banking services.
  • Company: Starling Bank, the UK's first digital bank, revolutionising the way people manage their money.
  • Benefits: Enjoy 25 days holiday, private medical insurance, and a hybrid working model.
  • Why this job: Make a real impact in fintech while collaborating with talented cyber security professionals.
  • Qualifications: 5+ years in information security and experience in penetration testing across various platforms.
  • Other info: We value diverse backgrounds and encourage applicants from all walks of life.

The predicted salary is between 60000 - 80000 £ per year.

Starling is the UK’s first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We’re a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices. Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech.

We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be; innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture; you will find support in your team and from across the business. The way to thrive and shine within Starling is to be a self-driven individual and take full ownership of everything around you: from building things, designing, discovering, to sharing knowledge with your colleagues and ensuring all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working

We have a Hybrid approach to working here at Starling - our preference is that you’re located within a commutable distance of one of our offices so that we’re able to interact and collaborate in person. In Technology, we’re asking that you attend the office a minimum of 1 day per week.

About the Role

As an experienced Penetration Tester at Starling, you’ll be joining an established team, working with talented cyber security professionals to ensure our services are designed, developed and operated securely. This is a collaborative role - you’ll directly interact with multiple areas of the business to understand requirements, conduct research, perform security testing, and report issues aligned to our risk framework. Being an internal tester, you’ll gain a strong understanding of how technology works at Starling to enable in-depth testing. You’ll also support remediation processes, seeing your findings lead to tangible security improvements. We understand the importance of knowledge and expertise remaining current, so we’ll actively support your advancement through research and training. In turn, you’ll help us continuously improve our processes, methodologies and tools to maintain the highest standard of testing.

Responsibilities

  • Scoping and performing mobile, web application, cloud and infrastructure penetration tests.
  • Collaborating with engineering teams to facilitate secure development, including:
  • Reviewing and analysing proposed technical solutions to identify appropriate security controls.
  • Conducting code reviews of features and critical security components.
  • Performing in-depth practical security testing.
  • Advising on the remediation of security issues and identifying solutions to address root causes.
  • Automating security testing and developing internal tooling to achieve continuous assurance.
  • Identifying and implementing improvements to the team’s internal processes and procedures.
  • Mentoring less-experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling.

    • Requirements

    We’re open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Ideally, we would like:

    • 5+ years technical information security experience.
    • Experience in mobile, web application, cloud and infrastructure penetration testing.
    • Technical knowledge - we don’t expect mastery of every area, but are looking for a good foundation in the following domains:
    • Mobile security (iOS and Android)
    • Web application security
    • Networking and associated protocols
    • Cloud security (AWS and GCP)
    • Containers and Kubernetes
  • A desire to learn, and the ability to apply technical security knowledge to new and unfamiliar areas.
  • Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience.
  • Experience performing code reviews or code-assisted testing, particularly in Java and Go.
  • Experience in automation of security testing (e.g. using Python or Go).
  • Excellent verbal and written communication skills.

    • Interview process

    Interviewing is a two-way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general, you can expect the below, following a chat with one of our Talent Team:

    • First stage with the Penetration Testing Team Lead
    • Second stage with additional members of the Penetration Testing team
    • Final stage with Infosec Director and CISO

    Benefits

    We have a Hybrid approach to working here at Starling - our preference is that you’re located within a commutable distance of one of our offices so that we’re able to interact and collaborate in person. In Technology, we’re asking that you attend the office a minimum of 1 day per week.

    • 25 days holiday (plus take your public holiday allowance whenever works best for you)
    • An extra day’s holiday for your birthday
    • Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
    • 16 hours paid volunteering time a year
    • Salary sacrifice, company enhanced pension scheme
    • Life insurance at 4x your salary & group income protection
    • Private Medical Insurance with VitalityHealth including mental health support and cancer care.
    • Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
    • Generous family-friendly policies
    • Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
    • Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing

    About Us

    You may be put off applying for a role because you don’t tick every box. Forget that! While we can’t accommodate every flexible working request, we’re always open to discussion. So, if you’re excited about working with us, but aren’t sure if you’re 100% there yet, get in touch anyway. We’re on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.

    Equal Opportunity Statement

    Starling is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.

    Senior Penetration Tester employer: Starling

    Starling Bank is an exceptional employer that champions innovation and collaboration within a dynamic fintech environment. With a commitment to employee growth through continuous training and a supportive culture, we empower our team members to take ownership of their work while enjoying a hybrid working model. Our comprehensive benefits package, including generous holiday allowances and wellness initiatives, ensures that our employees thrive both personally and professionally.
    S

    Contact Detail:

    Starling Recruiting Team

    View Starling Profile

    StudySmarter Expert Advice 🤫

    We think this is how you could land Senior Penetration Tester

    ✨Tip Number 1

    Get to know Starling's culture and values before your interview. They love self-driven individuals who own their work, so think about how you can demonstrate that in your conversations. Show them you're not just a fit for the role, but for the team!

    ✨Tip Number 2

    Prepare some thoughtful questions to ask during your interview. This shows you're genuinely interested in the role and the company. Plus, it gives you a chance to see if Starling is the right place for you too!

    ✨Tip Number 3

    Practice your technical skills and be ready to discuss your past experiences in penetration testing. They want to see how you approach problems and collaborate with others, so be prepared to share specific examples of your work.

    ✨Tip Number 4

    Don’t hesitate to apply through our website! Even if you don’t tick every box, we value attitude and aptitude over strict qualifications. If you’re excited about the role, go for it – we’re all about reshaping banking together!

    We think you need these skills to ace Senior Penetration Tester

    Penetration Testing
    Mobile Security (iOS and Android)
    Web Application Security
    Cloud Security (AWS and GCP)
    Networking and Associated Protocols
    Containers and Kubernetes
    Code Reviews
    Automation of Security Testing (e.g. using Python or Go)
    Excellent Verbal and Written Communication Skills
    Collaboration with Engineering Teams
    Technical Knowledge in Information Security
    Mentoring and Leadership Skills
    Problem-Solving Skills
    Desire to Learn and Adapt

    Some tips for your application 🫡

    Show Your Passion for Security: When writing your application, let us see your enthusiasm for penetration testing and cybersecurity. Share any personal projects or experiences that highlight your skills and passion for the field.

    Tailor Your Application: Make sure to customise your CV and cover letter to align with our values and the specific role. Highlight relevant experience in mobile, web application, and cloud security to catch our eye!

    Be Clear and Concise: We appreciate straightforward communication. Keep your application clear and to the point, focusing on your key achievements and how they relate to the role of Senior Penetration Tester.

    Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands and shows us you’re serious about joining our team!

    How to prepare for a job interview at Starling

    ✨Know Your Stuff

    Make sure you brush up on your technical knowledge, especially in mobile, web application, cloud, and infrastructure penetration testing. Be ready to discuss your experience with specific tools and methodologies, as well as any relevant qualifications like CREST or OSCP.

    ✨Show Your Curiosity

    Remember, interviews are a two-way street! Prepare thoughtful questions about Starling's approach to security and how the team collaborates. This shows you're genuinely interested in the role and the company culture.

    ✨Demonstrate Collaboration Skills

    Since this role involves working closely with engineering teams, be prepared to share examples of how you've successfully collaborated in the past. Highlight your ability to communicate complex security concepts in a way that non-technical team members can understand.

    ✨Be Ready to Share Knowledge

    As a senior penetration tester, mentoring less-experienced team members will be part of your role. Think of ways you've helped others grow in their skills and be ready to discuss how you would approach mentoring at Starling.

    Senior Penetration Tester
    Starling

    Land your dream job quicker with Premium

    You’re marked as a top applicant with our partner companies
    Individual CV and cover letter feedback including tailoring to specific job roles
    Be among the first applications for new jobs with our AI application
    1:1 support and career advice from our career coaches
    Go Premium

    Money-back if you don't land a job in 6-months

    >