We're looking for an ambitious information security or cyber specialist to join our team as an Information Security Director. As a key member of our Office of the CISO, you will lead the continuous improvement of our Information Security capabilities and governance. You will be responsible for managing and maintaining the Information Security Policy Framework across Starling Group, establishing and maintaining standards for control implementation procedures, and liaising with external bodies and organisations to keep abreast of emerging trends, technologies, and legislation that have an impact on Information Security.
\nYou will also support security controls assessment, and accreditation, e.g. ISO/IEC 27001, manage the input to the Information Security Risk Register and ensure coherence with the Bank's Risk Management framework, and act as point of contact for the second, third line of defense and other stakeholders (e.g. Legal, Regulatory Affairs) and coordinate audit and request response.
\nIn addition, you will manage the creation of Board, committees and regulatory engagement meeting material and communication, establish a framework and manage the Information Security reporting capability incl. regular revision of Key Risk and Performance Indicators, and support the CISO in the yearly Information Security strategy review and roadmap definition.
\nYou will also manage the Information Security related budget, and have previous experience working in a complex IT organisation encompassing service delivery, application development and IT infrastructure.
\nYou will have an understanding of best practice within Information Security and risk management including standards such as ISO/IEC 27001, NIST, Cyber Essentials and COBIT, and an understanding of legislation and regulations that impact information Security. E.g. Data Protection Act and GDPR, DORA, Freedom of Information Act, PCI DSS.
\nYou will also have previous experience in leading, developing and motivating a team, and an understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats.
\nYou will have a good knowledge of security technologies and wider business solutions including Identity and access management, security monitoring, and data security technologies, and a good understanding of financial services and awareness of broader requirements.
\nYou will share knowledge and provide guidance on internal bank first line related processes, and take responsibility and do the right thing for customers, colleagues and partners.
\nIt would be great if you have one or more of the following qualifications, but it's not essential; Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_0e245c82-f41","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Starling","sameAs":"https://www.starlingbank.com/","logo":"https://logos.yubhub.co/starlingbank.com.png"},"x-apply-url":"https://apply.workable.com/j/174B958FED","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Information Security","Risk Management","Compliance","Cybersecurity","Cloud Security","Identity and Access Management","Security Monitoring","Data Security"],"x-skills-preferred":[],"datePosted":"2026-04-24T14:19:27.647Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"London"}},"employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Finance","skills":"Information Security, Risk Management, Compliance, Cybersecurity, Cloud Security, Identity and Access Management, Security Monitoring, Data Security"}]}