Responsibilities: Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Collaborating with engineering teams to facilitate secure development, including reviewing and analysing proposed technical solutions to identify appropriate security controls, conducting code reviews of features and critical security components, and performing in-depth practical security testing. Advising on the remediation of security issues and identifying solutions to address root causes. Automating security testing and developing internal tooling to achieve continuous assurance. Identifying and implementing improvements to the team's internal processes and procedures. Mentoring less-experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling.

Requirements: 5+ years technical information security experience. Experience in mobile, web application, cloud, and infrastructure penetration testing. Technical knowledge in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes. Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience. Excellent verbal and written communication skills.

XML job scraping automation by YubHub