Security Operations Engineer - Engine by Starling

At Engine by Starling, we are on a mission to find and work with leading banks worldwide who have the ambition to build rapid growth businesses on our technology. Engine is Starling's SaaS business, built to power Starling Bank and split out as a separate entity two years ago. Our SaaS platform is now available to banks and financial institutions globally, enabling them to benefit from innovative digital features and efficient back‑office processes that have contributed to Starling's success.

As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering‑led company and are looking for someone excited by the potential for Engine's technology to transform banking in different markets around the world.

Hybrid Working

We have a Hybrid approach to working here at Engine. Our preference is that you’re located within a commutable distance of one of our offices so that we can interact and collaborate in person.

About the Role

To support our growth, we are looking for talented and motivated SOC engineers to join our foundational in‑house SOC team. In this pivotal role, you will be instrumental in supporting the development, implementation, and operation of our security monitoring, detection, and response capabilities, with a particular focus on our cloud environments. You’ll be at the forefront of responding to incidents and alerts, and helping shape the future of our security operations capabilities.

What you’ll get to do:

• Security Monitoring & Alert Triage: Monitor security alerts and events generated by various security tools.
• Perform triage and analysis of security incidents and anomalies, distinguishing between true positives and false positives.
• Prioritise alerts based on severity, potential impact, and business criticality.
• Investigate security incidents thoroughly, leveraging logs from platforms, endpoints, applications, and other security tools.
• Create and follow incident response playbooks and contribute to their continuous improvement.
• Collaborate with Technology, Product and Engineering Teams to contain, eradicate, and recover from security incidents.
• Document incident details, findings, and remediation steps accurately and comprehensively.

• Incident Detection & Response: Investigate security incidents thoroughly, leverage logs, and contribute to playbooks and improvements.
• Document incident details, findings, and remediation steps.

• Additionally: Stay informed about the latest cyber threats, attack techniques, and vulnerabilities, especially those targeting cloud environments.
• Participate in proactive threat hunting activities using available tools and data sources.
• Contribute to the optimization, tuning, and maintenance of SOC tools.
• Identify opportunities for automation to streamline security operations and enhance detection capabilities.
• Maintain detailed records of security incidents, investigations, and remediation actions.

Requirements

• 3+ years of hands‑on experience in a Security Operations Center (SOC) or similar cybersecurity role.
• Demonstrable experience with cloud security monitoring and incident response.
• Familiarity with various attack vectors, threat intelligence frameworks (e.g., MITRE ATT&CK).
• A cyber/information security related degree and/or relevant cybersecurity qualifications would be beneficial (e.g., CompTIA Security+, (ISC)² SSCP or CySA+).

Seniority level: Mid‑Senior level

Employment type: Full‑time

Job function: Information Technology

Interviewing is a two‑way process and we want you to have time to get to know us as much as we are getting to know you. Our interviews are conversational and we want to get the best from you, so come with questions and be curious. Our interview stages typically include:

• Stage 1 – 45 mins with BISO
• Stage 2 – 60 mins with team members
• Stage 3 – Final with CTO

Benefits

• 33 days holiday (including public holidays)
• Extra day off for your birthday
• Annual leave increases with length of service; option to buy or sell up to five extra days
• 16 hours paid volunteering time per year
• Salary sacrifice, company‑enhanced pension scheme
• Life insurance at 4x salary & group income protection
• Private Medical Insurance with VitalityHealth, mental health support and cancer care; partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family‑friendly policies
• Refer a friend incentive
• Perkbox membership with retail discounts and wellness platform
• Cycle to Work, Salary Sacrificed Gym partnerships and EV leasing initiatives

About Us

Engine by Starling is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity and inclusion in the workplace. We consider applicants without regard to race, religion, national origin, age, sex, gender, gender identity or expression, sexual orientation, marital status, medical condition, disability, military or veteran status, or any other characteristic protected by law. By submitting your application, you consent to our Privacy Notice and to Engine by Starling and Starling Bank processing your personal data for recruiting purposes.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.