Description Starling is the UK's first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. Read more about Our Story here. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices. Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together! The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role As an experienced Penetration Tester you will be working with talented cyber security professionals to protect Starling customers, company assets and systems using the latest technologies and techniques. The primary objective for this role is to collaborate with, support, and guide Starling's engineering and operation functions to ensure our services are designed, developed and operated securely. As an experienced member of our penetration testing team you will directly interact with multiple areas of the business to understand requirements, define the scope and approach to testing (including undertaking appropriate research), and produce reporting information aligned to our risk framework. In addition, we understand the importance of knowledge and expertise remaining current and you shall support the continued advancement of our penetration testing through research, design and implementation of new solutions, including automation. Responsibilities Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Automation of security testing, and development of internal tooling, to achieve continuous assurance. Collaboration with engineering teams to facilitate secure development, including: Review and analysis of proposed technical solutions to identify appropriate security controls. Input and guidance to security related technical architecture and design decisions. Code review of features and critical security components. Practical security testing. Advising on remediation of security issues and processes to address root causes. Security assurance reviews of third-party solutions. Identifying and implementing improvements to the team's internal processes and procedures. Review, analysis and reporting of external threats relevant to Starling systems and solutions, in the context of Starling's desired security posture. Requirements We're open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Ideally, we would like: 5+ years technical information security experience. Experience of mobile, web application, cloud and infrastructure penetration testing. Strong technical knowledge in: Mobile security (iOS and Android) Web application security Networking and associated protocols Cloud security (AWS and GCP) Containers and Kubernetes A desire to learn, and ability to apply technical security knowledge to new and unfamiliar areas. CREST, OSCP or similar industry penetration testing qualification A good understanding of applied cryptographic techniques. Reverse engineering and exploit development capabilities. Experience of security testing in an agile SDLC. Threat modelling experience. Experience performing code reviews, particularly in Java and Go. Experience of fulfilling a client facing security consulting role. Excellent verbal and written communication skills. Experience in automation of security testing, with previous development experience desirable. Interview process Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: First stage with the Penetration Testing Team Lead Second stage with additional members of the Penetration Testing team Final stage with Infosec Director and CISO Benefits We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. In Technology, we're asking that you attend the office a minimum of 1 day per week. 25 days holiday (plus take your public holiday allowance whenever works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Starling Bank will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
09/12/2025
Full time
Description Starling is the UK's first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. Read more about Our Story here. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices. Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together! The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role As an experienced Penetration Tester you will be working with talented cyber security professionals to protect Starling customers, company assets and systems using the latest technologies and techniques. The primary objective for this role is to collaborate with, support, and guide Starling's engineering and operation functions to ensure our services are designed, developed and operated securely. As an experienced member of our penetration testing team you will directly interact with multiple areas of the business to understand requirements, define the scope and approach to testing (including undertaking appropriate research), and produce reporting information aligned to our risk framework. In addition, we understand the importance of knowledge and expertise remaining current and you shall support the continued advancement of our penetration testing through research, design and implementation of new solutions, including automation. Responsibilities Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Automation of security testing, and development of internal tooling, to achieve continuous assurance. Collaboration with engineering teams to facilitate secure development, including: Review and analysis of proposed technical solutions to identify appropriate security controls. Input and guidance to security related technical architecture and design decisions. Code review of features and critical security components. Practical security testing. Advising on remediation of security issues and processes to address root causes. Security assurance reviews of third-party solutions. Identifying and implementing improvements to the team's internal processes and procedures. Review, analysis and reporting of external threats relevant to Starling systems and solutions, in the context of Starling's desired security posture. Requirements We're open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Ideally, we would like: 5+ years technical information security experience. Experience of mobile, web application, cloud and infrastructure penetration testing. Strong technical knowledge in: Mobile security (iOS and Android) Web application security Networking and associated protocols Cloud security (AWS and GCP) Containers and Kubernetes A desire to learn, and ability to apply technical security knowledge to new and unfamiliar areas. CREST, OSCP or similar industry penetration testing qualification A good understanding of applied cryptographic techniques. Reverse engineering and exploit development capabilities. Experience of security testing in an agile SDLC. Threat modelling experience. Experience performing code reviews, particularly in Java and Go. Experience of fulfilling a client facing security consulting role. Excellent verbal and written communication skills. Experience in automation of security testing, with previous development experience desirable. Interview process Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: First stage with the Penetration Testing Team Lead Second stage with additional members of the Penetration Testing team Final stage with Infosec Director and CISO Benefits We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. In Technology, we're asking that you attend the office a minimum of 1 day per week. 25 days holiday (plus take your public holiday allowance whenever works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Starling Bank will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Senior Backend Engineer We are seeking a deeply technical and security-minded Senior Backend Engineer to join a newly-founded, high-impact AI joint venture. Backed by five of the world's leading telecommunications giants, our mission is to restore trust in global voice communication. This is not a standard Back End role. We are seeking a foundational engineer to own our single greatest strategic asset: our unique, privileged access to network-level intelligence via the GSMA CAMARA API standard. This is our right to win, and you will be the engineer responsible for building the bridge to it. You will be the Critical Path Owner for Track Zero, the 30-day foundational sprint to validate and integrate the first-ever CAMARA-based signals (like sim-swap and device-roaming-status) from our telco founders. Your success is the Go/No-Go gate for our MWC 2026 launch. You will be directly responsible for building the out-of-band data path that enables our flagship Telco-Verified Security Shield and its sub-500ms Time-to-Trust metric, our core differentiator that no over-the-top competitor can replicate. This position offers a unique opportunity to define a new category of network-aware security, working directly with the world's leading carriers to turn their network data into a Real Time defense against global fraud. Key Responsibilities Telco Integration & Architecture Own and build the Security Signal Ingestion path, the secure, low-latency, and out-of-band data channel connecting to our founding members' network API gateways. Architect and implement a carrier-agnostic, vendor-agnostic connector layer to consume RESTful APIs from a heterogeneous global landscape of telco partners and IMS vendors (eg, Nokia, Ericsson, Mavenir). Serve as the primary technical liaison to the engineering teams at our telco founders (Deutsche Telekom, Singtel, SKT, etc.), working hand-in-glove to navigate, validate, and productionize their new CAMARA network APIs. Design and build the high-throughput microservices that will query, ingest, normalize, and cache network signals (eg, sim-swap, device-roaming-status) to be used in our Real Time Scam_Score model. Implement a mandatory Zero Trust security model for this critical integration, our most sensitive asset. This includes mTLS, least-privilege IAM, and network micro-segmentation. System Ownership & Performance Serve as the Critical Path Owner for Track Zero, our 30-day sprint to validate and integrate Real Time signals from at least two telco partners, culminating in a Go/No-Go demo. Ensure all network API integrations meet the stringent P99 latency budgets (eg, < 150ms) required to support our sub-500ms Time-to-Trust product goal. Collaborate with the platform team to build a parallel development path using mocked data to mitigate risks of network API delays. Define and own the data contracts and pipelines that feed this "ground-truth" network data from the integration layer to our core AI Service Bus (Apache Kafka). Cross-functional Collaboration Work closely with the Scam Detection Service and AI/ML teams to define the feature vectors and data payloads needed from the network to power our proprietary machine learning models. Partner with product and leadership to define the Phase 2 (post-MWC) roadmap for co-developing new, proprietary network APIs (like Caller_Velocity from CDRs) that will become our long-term, indefensible moat. Document integration architectures, data schemas, and security controls to create setup guides for our Founding Member partners. Collaborate with our external InfoSec vendor to ensure the integration layer is continuously validated and hardened against threats. Required Qualifications Education & Experience Bachelor's degree in Computer Science, Engineering, or a related field. 7+ years of hands-on experience in Back End engineering, with a proven track record of building and maintaining high-performance, distributed systems in production. Required Technical Skills A minimum of 5 years of production experience with C++ or Go (Golang). Strong, demonstrable experiefnce with Real Time, low-latency data processing. You obsess over milliseconds and understand the trade-offs. Proficiency with cloud platforms (AWS, GCP, or Azure) and containerization technologies (Kubernetes, Docker). Deep understanding of API design (REST, gRPC, Webhooks) and API security (OAuth 2.0, mTLS, JWTs). Knowledge of (or deep, demonstrable curiosity about) telecommunications protocols and architectures. You must be comfortable talking to network engineers. Experience with high-throughput messaging or streaming platforms (eg, Kafka, Pulsar). This is a permanent position with hybrid working of two days a week in the central London office and the rest WFH. The salary is very much Dependent on experience with a guide between £130k-£160K basic + package.
05/12/2025
Full time
Senior Backend Engineer We are seeking a deeply technical and security-minded Senior Backend Engineer to join a newly-founded, high-impact AI joint venture. Backed by five of the world's leading telecommunications giants, our mission is to restore trust in global voice communication. This is not a standard Back End role. We are seeking a foundational engineer to own our single greatest strategic asset: our unique, privileged access to network-level intelligence via the GSMA CAMARA API standard. This is our right to win, and you will be the engineer responsible for building the bridge to it. You will be the Critical Path Owner for Track Zero, the 30-day foundational sprint to validate and integrate the first-ever CAMARA-based signals (like sim-swap and device-roaming-status) from our telco founders. Your success is the Go/No-Go gate for our MWC 2026 launch. You will be directly responsible for building the out-of-band data path that enables our flagship Telco-Verified Security Shield and its sub-500ms Time-to-Trust metric, our core differentiator that no over-the-top competitor can replicate. This position offers a unique opportunity to define a new category of network-aware security, working directly with the world's leading carriers to turn their network data into a Real Time defense against global fraud. Key Responsibilities Telco Integration & Architecture Own and build the Security Signal Ingestion path, the secure, low-latency, and out-of-band data channel connecting to our founding members' network API gateways. Architect and implement a carrier-agnostic, vendor-agnostic connector layer to consume RESTful APIs from a heterogeneous global landscape of telco partners and IMS vendors (eg, Nokia, Ericsson, Mavenir). Serve as the primary technical liaison to the engineering teams at our telco founders (Deutsche Telekom, Singtel, SKT, etc.), working hand-in-glove to navigate, validate, and productionize their new CAMARA network APIs. Design and build the high-throughput microservices that will query, ingest, normalize, and cache network signals (eg, sim-swap, device-roaming-status) to be used in our Real Time Scam_Score model. Implement a mandatory Zero Trust security model for this critical integration, our most sensitive asset. This includes mTLS, least-privilege IAM, and network micro-segmentation. System Ownership & Performance Serve as the Critical Path Owner for Track Zero, our 30-day sprint to validate and integrate Real Time signals from at least two telco partners, culminating in a Go/No-Go demo. Ensure all network API integrations meet the stringent P99 latency budgets (eg, < 150ms) required to support our sub-500ms Time-to-Trust product goal. Collaborate with the platform team to build a parallel development path using mocked data to mitigate risks of network API delays. Define and own the data contracts and pipelines that feed this "ground-truth" network data from the integration layer to our core AI Service Bus (Apache Kafka). Cross-functional Collaboration Work closely with the Scam Detection Service and AI/ML teams to define the feature vectors and data payloads needed from the network to power our proprietary machine learning models. Partner with product and leadership to define the Phase 2 (post-MWC) roadmap for co-developing new, proprietary network APIs (like Caller_Velocity from CDRs) that will become our long-term, indefensible moat. Document integration architectures, data schemas, and security controls to create setup guides for our Founding Member partners. Collaborate with our external InfoSec vendor to ensure the integration layer is continuously validated and hardened against threats. Required Qualifications Education & Experience Bachelor's degree in Computer Science, Engineering, or a related field. 7+ years of hands-on experience in Back End engineering, with a proven track record of building and maintaining high-performance, distributed systems in production. Required Technical Skills A minimum of 5 years of production experience with C++ or Go (Golang). Strong, demonstrable experiefnce with Real Time, low-latency data processing. You obsess over milliseconds and understand the trade-offs. Proficiency with cloud platforms (AWS, GCP, or Azure) and containerization technologies (Kubernetes, Docker). Deep understanding of API design (REST, gRPC, Webhooks) and API security (OAuth 2.0, mTLS, JWTs). Knowledge of (or deep, demonstrable curiosity about) telecommunications protocols and architectures. You must be comfortable talking to network engineers. Experience with high-throughput messaging or streaming platforms (eg, Kafka, Pulsar). This is a permanent position with hybrid working of two days a week in the central London office and the rest WFH. The salary is very much Dependent on experience with a guide between £130k-£160K basic + package.
Senior Systems Engineer The Role: As a Senior Systems Engineer at Synoptix you will support the scope and direction of the engineering projects you are working on. In this role, you will engage with external stakeholders at a high level within customer organisations whilst feeding back to the business within engineering management meetings etc. You will have opportunities to enhance your skills and capabilities in line with personal and business objectives. Day to day tasking can include: Delivering technical expertise on a variety of customer projects from air to sub-surface Supporting Systems Engineering activity across the design lifecycle Working with multidisciplinary teams Development of proposals and statements of work Engaging with customer representatives to identify opportunities and seeing them through to delivery Guiding junior engineers in project delivery, where needed Key Skills Required: We are interested in any of the following skills, but they are not essential for you to apply: Concepting Requirements Capture, Management and Analysis Model Based Systems Engineering (MBSE) Systems Integration Verification and Validation Development of SE documentation such as SEMP, ICD, ITEAP Knowledge of supporting toolsets (e.g. DOORs, JAMA, JIRA, Enterprise Architect, Cameo Systems Modeller, Rhapsody, MATLAB, Simulink) Benefits: Annual Company Bonus - Based on company performance 25 Days holiday not including bank holidays with the option to buy/sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme Bike to work scheme Private health care (BUPA) Job well done scheme Employer assistance scheme About Us: Synoptix was formed in 2011 to provide engineering solutions across various technical industries. We have evolved from a company established and focussed on Systems Thinking principles into an Engineering company providing solutions and services across three key capabilities: Systems, Cyber & InfoSec and Technology. What makes us stand out is how we engage in the crossover areas between these disciplines, combining our strengths to provide a truly bespoke, market leading approach. Our engineering competence is bolstered by expertise in commercial, legal, financial and resource, thereby ensuring that we uphold excellence in our product and service offerings. Please note that due to the nature of our projects we can only accept Sole UK National candidates who will need to be eligible to obtain UK Security Clearance. By applying to this position, you are confirming that you consent to the retention of your personal data. Your data is held securely on our own premises and under the terms of the Data Protection Act (2018). It will be treated as confidential, and will not be transferred to any third party, or to any other jurisdiction without your consent. We will not hold any data for any longer than is necessary for us to fulfil our obligations and will remove any data at your written request. JBRP1_UKTJ
04/12/2025
Full time
Senior Systems Engineer The Role: As a Senior Systems Engineer at Synoptix you will support the scope and direction of the engineering projects you are working on. In this role, you will engage with external stakeholders at a high level within customer organisations whilst feeding back to the business within engineering management meetings etc. You will have opportunities to enhance your skills and capabilities in line with personal and business objectives. Day to day tasking can include: Delivering technical expertise on a variety of customer projects from air to sub-surface Supporting Systems Engineering activity across the design lifecycle Working with multidisciplinary teams Development of proposals and statements of work Engaging with customer representatives to identify opportunities and seeing them through to delivery Guiding junior engineers in project delivery, where needed Key Skills Required: We are interested in any of the following skills, but they are not essential for you to apply: Concepting Requirements Capture, Management and Analysis Model Based Systems Engineering (MBSE) Systems Integration Verification and Validation Development of SE documentation such as SEMP, ICD, ITEAP Knowledge of supporting toolsets (e.g. DOORs, JAMA, JIRA, Enterprise Architect, Cameo Systems Modeller, Rhapsody, MATLAB, Simulink) Benefits: Annual Company Bonus - Based on company performance 25 Days holiday not including bank holidays with the option to buy/sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme Bike to work scheme Private health care (BUPA) Job well done scheme Employer assistance scheme About Us: Synoptix was formed in 2011 to provide engineering solutions across various technical industries. We have evolved from a company established and focussed on Systems Thinking principles into an Engineering company providing solutions and services across three key capabilities: Systems, Cyber & InfoSec and Technology. What makes us stand out is how we engage in the crossover areas between these disciplines, combining our strengths to provide a truly bespoke, market leading approach. Our engineering competence is bolstered by expertise in commercial, legal, financial and resource, thereby ensuring that we uphold excellence in our product and service offerings. Please note that due to the nature of our projects we can only accept Sole UK National candidates who will need to be eligible to obtain UK Security Clearance. By applying to this position, you are confirming that you consent to the retention of your personal data. Your data is held securely on our own premises and under the terms of the Data Protection Act (2018). It will be treated as confidential, and will not be transferred to any third party, or to any other jurisdiction without your consent. We will not hold any data for any longer than is necessary for us to fulfil our obligations and will remove any data at your written request. JBRP1_UKTJ
Job Title Security Architect Advert People make Sage great. From our colleagues delivering ground-breaking solutions to the customers who use them: people have helped us grow for more than thirty years, and people are driving our future as a great SaaS company. We're writing our next chapter. Be part of it! At Sage, we recognize that the world of work has rapidly shifted over the last few years, particularly how we work. That is why we have committed to working in a hybrid way going forward. Human connection is an essential ingredient of the 4 principles that make up our Flexible Human Work hybrid framework and we want to be transparent in what that looks like when you join our Sage family. On one hand, our offices will continue to play an important role in our future and serve as a place for spontaneous conversations, connection, collaboration as well as focused time. On the other hand, we have learned to reimagine where and when we work and to unlock that flexibility and innovation for our colleagues offering them the opportunity to work flex across their home, Sage offices or customer sites. We invite you to join us and help us write our next chapter. Follow us on our social media sites to join in conversations about open positions and company news! . If you would like support with your application (or require any adjustments) please contact us at for assistance. All qualified applicants will be thoughtfully considered and never discriminated against based on their race, color, age, religion, sexual orientation, gender identity, national origin, disability or veteran status. Job Description About Sage Sage is the proud market leader in cloud business management solutions supporting millions of small and medium size businesses globally. Sage is the market leader for integrated accounting, payroll, and payment systems, supporting the ambition of the world's entrepreneurs. At Sage, we're focused on giving businesses of all sizes the technology to better manage everything from money to people. You'll be part of a global market leader but with a very local heart. We're a FTSE 100 company with £60m of new investment into the business, over 13,000 colleagues globally, and we continually give back. Sec authority Leading projects / SAIL specifics & technologies Ability to understand or some coding background. ISO27k - different ways of achieving it • Experience with gitops Iso compliance ------ Job description •You will be part of our Cloud Native DevSecOps security engineering team and will be primarily working on building enterprise containers solutions that involve Kubernetes, OpenShift, Docker and the surrounding K8s ecosystem. •In this role, you will be responsible for providing design and implementation expertise on Kubernetes for the DevSecOps solutions that are being built in the cloud. As a Kubernetes Subject Matter Expert, you will be providing guidance for design and architecture of Kubernetes clusters at a massive scale for the client organization (an innovative and progressive organization that operates at scale). •You will be implementing rapid POCs and Pilots of new capabilities to demonstrate feasibility of new solutions. •You will understand the developments in the CNCF community and have a great understanding of the overall CNCF ecosystem. You will present solutions to stakeholders to better educate them and help in the decision-making process for using the right technologies for solving the right problems. Core activities: •Have in-depth, hands-on experience building platforms at scale for containerized workloads, particularly leveraging Kubernetes, including cluster provisioning, operations, workload optimization, custom controllers/operators, workflow orchestration, logging monitoring, security, and troubleshooting. •Detailed understanding of core concepts for Kubernetes APIs and cluster architecture, as well as services and networking. •Hands on experience with Ingress of Nginx DevOps tools: Jenkins, Ansible, CI/CD, Docker Network and security management for hybrid environment •Evaluate, select, design and configure security infrastructure systems in a global environment. •Build, deploy and operate a wide range of robust and fit-for-purpose security tools and services, in a Cloud-first cullture •Ensure strong and effective security controls are in place to detect and mitigate risks across all on-prem and Cloud environments to meet business and regulatory requirements •Work closely and collaboratively with a large number of distributed Product teams and operational teams across UK and US and Europe, working in an AGILE delivery model. •Promote DevSecOps, leading by example to change existing systems and practices for the better, allowing all functions to do more with existing resources •Support and conduct internal audits, help mitigate findings and implement improvement measures. •Identify, integrate, monitor and improve infosec controls by understanding business processes. •Work in support of the Senior Information Security Engineer enhancing the security direction for the organisation including systems, networks, user services and vendor development efforts. •Troubleshoot security system and related issues. Assist with complex projects and ongoing support of security operations. •Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards. Develop new standards as necessary. •Assist other Information Security teams with evaluating technology to ensure adherence to developing standards and technical integration with current capabilities Skills required: •Have in-depth, hands-on experience building platforms at scale for containerized workloads, particularly leveraging Kubernetes, including cluster provisioning, operations, workload optimization, custom controllers/operators, workflow orchestration, logging monitoring, security, and troubleshooting. •Detailed understanding of core concepts for Kubernetes APIs and cluster architecture, as well as services and networking. •Hands on experience with Ingress of Nginx DevOps tools: Jenkins, Azure Devops,Ansible, CI/CD, Docker Network and security management for hybrid environment •Familiarity with Deploying Kubernetes •Proven experience in DevOps, Nginx and Kubernetes (Pod, Cluster, etc.) •Ability to push a point/right solution to different stakeholders (both technical and non-technical). •Proven experience of delivering Kubernetes project engagements. •Ability to troubleshoot issues faced in the working Kubernetes environment and CI/CD pipeline. •Design, implement, support and evaluate security-focused tools, vulnerably management tools and services. •Conduct periodic Vulnerability assessment. •Participate in incident handling and other related duties to support the information security function. •Cloud DevOps/Security Certifications in AWS/Azure is preferred. Key Responsibilities Infrastructure and automation as code. Building and api management. Why Join Sage? People make Sage great. From our colleagues delivering ground-breaking solutions to the customers who use them: people have helped us grow for more than thirty years, and people are driving our future as a great SaaS company. We're writing our next chapter. Be part of it! Experience has taught us that when our customers thrive, we thrive. As a team, we always start with what customers need. Through the good... and more challenging times. Innovating at pace so customers can manage their finances, operations and people. Every one of us shapes our culture at Sage - doing what's right and succeeding together, united by our commitment to each other. We encourage each other to grow in our roles, in our careers and as individuals. In addition, we offer competitive salary and bonus potential combined with benefits package. The benefits include generous pension scheme, cycle to work scheme, 25 days annual leave and holiday buy/sell, five volunteering days, career progression, access to 24/7 mental-health support, flexible work, inclusiveness and more! Function Global Information Security Country United Kingdom Office Location London;Newcastle Work Place type Hybrid
23/09/2022
Full time
Job Title Security Architect Advert People make Sage great. From our colleagues delivering ground-breaking solutions to the customers who use them: people have helped us grow for more than thirty years, and people are driving our future as a great SaaS company. We're writing our next chapter. Be part of it! At Sage, we recognize that the world of work has rapidly shifted over the last few years, particularly how we work. That is why we have committed to working in a hybrid way going forward. Human connection is an essential ingredient of the 4 principles that make up our Flexible Human Work hybrid framework and we want to be transparent in what that looks like when you join our Sage family. On one hand, our offices will continue to play an important role in our future and serve as a place for spontaneous conversations, connection, collaboration as well as focused time. On the other hand, we have learned to reimagine where and when we work and to unlock that flexibility and innovation for our colleagues offering them the opportunity to work flex across their home, Sage offices or customer sites. We invite you to join us and help us write our next chapter. Follow us on our social media sites to join in conversations about open positions and company news! . If you would like support with your application (or require any adjustments) please contact us at for assistance. All qualified applicants will be thoughtfully considered and never discriminated against based on their race, color, age, religion, sexual orientation, gender identity, national origin, disability or veteran status. Job Description About Sage Sage is the proud market leader in cloud business management solutions supporting millions of small and medium size businesses globally. Sage is the market leader for integrated accounting, payroll, and payment systems, supporting the ambition of the world's entrepreneurs. At Sage, we're focused on giving businesses of all sizes the technology to better manage everything from money to people. You'll be part of a global market leader but with a very local heart. We're a FTSE 100 company with £60m of new investment into the business, over 13,000 colleagues globally, and we continually give back. Sec authority Leading projects / SAIL specifics & technologies Ability to understand or some coding background. ISO27k - different ways of achieving it • Experience with gitops Iso compliance ------ Job description •You will be part of our Cloud Native DevSecOps security engineering team and will be primarily working on building enterprise containers solutions that involve Kubernetes, OpenShift, Docker and the surrounding K8s ecosystem. •In this role, you will be responsible for providing design and implementation expertise on Kubernetes for the DevSecOps solutions that are being built in the cloud. As a Kubernetes Subject Matter Expert, you will be providing guidance for design and architecture of Kubernetes clusters at a massive scale for the client organization (an innovative and progressive organization that operates at scale). •You will be implementing rapid POCs and Pilots of new capabilities to demonstrate feasibility of new solutions. •You will understand the developments in the CNCF community and have a great understanding of the overall CNCF ecosystem. You will present solutions to stakeholders to better educate them and help in the decision-making process for using the right technologies for solving the right problems. Core activities: •Have in-depth, hands-on experience building platforms at scale for containerized workloads, particularly leveraging Kubernetes, including cluster provisioning, operations, workload optimization, custom controllers/operators, workflow orchestration, logging monitoring, security, and troubleshooting. •Detailed understanding of core concepts for Kubernetes APIs and cluster architecture, as well as services and networking. •Hands on experience with Ingress of Nginx DevOps tools: Jenkins, Ansible, CI/CD, Docker Network and security management for hybrid environment •Evaluate, select, design and configure security infrastructure systems in a global environment. •Build, deploy and operate a wide range of robust and fit-for-purpose security tools and services, in a Cloud-first cullture •Ensure strong and effective security controls are in place to detect and mitigate risks across all on-prem and Cloud environments to meet business and regulatory requirements •Work closely and collaboratively with a large number of distributed Product teams and operational teams across UK and US and Europe, working in an AGILE delivery model. •Promote DevSecOps, leading by example to change existing systems and practices for the better, allowing all functions to do more with existing resources •Support and conduct internal audits, help mitigate findings and implement improvement measures. •Identify, integrate, monitor and improve infosec controls by understanding business processes. •Work in support of the Senior Information Security Engineer enhancing the security direction for the organisation including systems, networks, user services and vendor development efforts. •Troubleshoot security system and related issues. Assist with complex projects and ongoing support of security operations. •Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards. Develop new standards as necessary. •Assist other Information Security teams with evaluating technology to ensure adherence to developing standards and technical integration with current capabilities Skills required: •Have in-depth, hands-on experience building platforms at scale for containerized workloads, particularly leveraging Kubernetes, including cluster provisioning, operations, workload optimization, custom controllers/operators, workflow orchestration, logging monitoring, security, and troubleshooting. •Detailed understanding of core concepts for Kubernetes APIs and cluster architecture, as well as services and networking. •Hands on experience with Ingress of Nginx DevOps tools: Jenkins, Azure Devops,Ansible, CI/CD, Docker Network and security management for hybrid environment •Familiarity with Deploying Kubernetes •Proven experience in DevOps, Nginx and Kubernetes (Pod, Cluster, etc.) •Ability to push a point/right solution to different stakeholders (both technical and non-technical). •Proven experience of delivering Kubernetes project engagements. •Ability to troubleshoot issues faced in the working Kubernetes environment and CI/CD pipeline. •Design, implement, support and evaluate security-focused tools, vulnerably management tools and services. •Conduct periodic Vulnerability assessment. •Participate in incident handling and other related duties to support the information security function. •Cloud DevOps/Security Certifications in AWS/Azure is preferred. Key Responsibilities Infrastructure and automation as code. Building and api management. Why Join Sage? People make Sage great. From our colleagues delivering ground-breaking solutions to the customers who use them: people have helped us grow for more than thirty years, and people are driving our future as a great SaaS company. We're writing our next chapter. Be part of it! Experience has taught us that when our customers thrive, we thrive. As a team, we always start with what customers need. Through the good... and more challenging times. Innovating at pace so customers can manage their finances, operations and people. Every one of us shapes our culture at Sage - doing what's right and succeeding together, united by our commitment to each other. We encourage each other to grow in our roles, in our careers and as individuals. In addition, we offer competitive salary and bonus potential combined with benefits package. The benefits include generous pension scheme, cycle to work scheme, 25 days annual leave and holiday buy/sell, five volunteering days, career progression, access to 24/7 mental-health support, flexible work, inclusiveness and more! Function Global Information Security Country United Kingdom Office Location London;Newcastle Work Place type Hybrid
Solution Architect Role - £75,000 per annum, 12 Month FTC. This opportunity to provide advice and support, in relation to digital solutions architecture, solution options and selection, agile technology roadmaps, and solution and development overlaps and integrations, is being offered on a 12 month Fixed-term Contract to a central-London public sector company. The role is a Full time contract, reporting to the Head of Solutions and MX Programme Manager and is ideal for a candidate with current Solution Architect experience or with Senior Developer experience. The Solution Architect's role is to provide targeted solutions architecture across all projects, but predominantly those within a Member Experience MX Programme. The role is also expected to roadmap the appropriate technologies and suppliers to ensure stakeholders are aware of the options and decisions they will face. It is essential that strategic advice on technology options is given, based on functional, non-functional, and wider business requirements and considerations, factoring in best-practices, solution and product roadmaps, and sustainability. Through engaging in this Solution Framework, the Solution Architect operates across projects and programmes to ensure the right choices for the business and technical architecture are made in relation to integrated, overlapping and dependent technologies and functionality. Within the team, the Solutions Architect work with the Technical Design Authority (TDA), providing peer reviews and assurances around technology choices, fitness for purpose and the sustainability of solutions. Through working with the IT Security Manager, Head of Risk and Assurance, IT Transition and Release Manager, other architects (including business, data, and infrastructure architects), product owners and delivery colleagues, the Solutions Architect ensures optimal solutions are delivered and transitioned into the business. Essential candidate skills include: Experience in providing solution architecture advice, prototyping and support in digital environments, common digital technologies such as CMS, DXP, CRM, BI, eMarketing, CDN, cloud hosting, Learning Management Solutions, ETL, etc. Excellent understanding of Web technologies including RESTful APIs (Web APIs, REST, JSON, XML, SOAP), mobile and eCommerce technologies. Software Development Lifecycle experience, and experience on Agile projects. Excellent stakeholder management skills, with the ability to explain complex technical concepts effectively to both technical and non-technical audiences at all levels in the organisation. Experience with API design and testing tools such as SwaggerHub and Postman. Experience in multidisciplinary architectures including business, data & information, technical infrastructure, cloud, software development. Experience in programmatic planning and risk/dependency management, specifically across significant agile portfolios of digital delivery. Experience in working with Technical Design Authorities in advising across a spectrum of solution issues, including working with delivery management, InfoSec, Information Management and Assurance and Risk colleagues. Experience and understanding of the business change challenges of technology and an ability to take wider business considerations into account when giving advice. Experience of working within TOGAF. Practical and proven knowledge of solution and data integration and understanding the challenges, typical architectures and use cases around digital integration. InterQuest Group is acting as an employment agency for this vacancy. InterQuest Group is an equal opportunities employer and we welcome applications from all suitably qualified persons regardless of age, disability, gender, religion/belief, race, marriage, civil partnership, pregnancy, maternity, sex or sexual orientation. Please make us aware if you require any reasonable adjustments throughout the recruitment process.
05/11/2021
Solution Architect Role - £75,000 per annum, 12 Month FTC. This opportunity to provide advice and support, in relation to digital solutions architecture, solution options and selection, agile technology roadmaps, and solution and development overlaps and integrations, is being offered on a 12 month Fixed-term Contract to a central-London public sector company. The role is a Full time contract, reporting to the Head of Solutions and MX Programme Manager and is ideal for a candidate with current Solution Architect experience or with Senior Developer experience. The Solution Architect's role is to provide targeted solutions architecture across all projects, but predominantly those within a Member Experience MX Programme. The role is also expected to roadmap the appropriate technologies and suppliers to ensure stakeholders are aware of the options and decisions they will face. It is essential that strategic advice on technology options is given, based on functional, non-functional, and wider business requirements and considerations, factoring in best-practices, solution and product roadmaps, and sustainability. Through engaging in this Solution Framework, the Solution Architect operates across projects and programmes to ensure the right choices for the business and technical architecture are made in relation to integrated, overlapping and dependent technologies and functionality. Within the team, the Solutions Architect work with the Technical Design Authority (TDA), providing peer reviews and assurances around technology choices, fitness for purpose and the sustainability of solutions. Through working with the IT Security Manager, Head of Risk and Assurance, IT Transition and Release Manager, other architects (including business, data, and infrastructure architects), product owners and delivery colleagues, the Solutions Architect ensures optimal solutions are delivered and transitioned into the business. Essential candidate skills include: Experience in providing solution architecture advice, prototyping and support in digital environments, common digital technologies such as CMS, DXP, CRM, BI, eMarketing, CDN, cloud hosting, Learning Management Solutions, ETL, etc. Excellent understanding of Web technologies including RESTful APIs (Web APIs, REST, JSON, XML, SOAP), mobile and eCommerce technologies. Software Development Lifecycle experience, and experience on Agile projects. Excellent stakeholder management skills, with the ability to explain complex technical concepts effectively to both technical and non-technical audiences at all levels in the organisation. Experience with API design and testing tools such as SwaggerHub and Postman. Experience in multidisciplinary architectures including business, data & information, technical infrastructure, cloud, software development. Experience in programmatic planning and risk/dependency management, specifically across significant agile portfolios of digital delivery. Experience in working with Technical Design Authorities in advising across a spectrum of solution issues, including working with delivery management, InfoSec, Information Management and Assurance and Risk colleagues. Experience and understanding of the business change challenges of technology and an ability to take wider business considerations into account when giving advice. Experience of working within TOGAF. Practical and proven knowledge of solution and data integration and understanding the challenges, typical architectures and use cases around digital integration. InterQuest Group is acting as an employment agency for this vacancy. InterQuest Group is an equal opportunities employer and we welcome applications from all suitably qualified persons regardless of age, disability, gender, religion/belief, race, marriage, civil partnership, pregnancy, maternity, sex or sexual orientation. Please make us aware if you require any reasonable adjustments throughout the recruitment process.
