Head of Cyber and Resilience Audit

Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices.

We're looking for a Head of Cyber and ResilienceAudit to join our growing Internal Audit team covering Cyber and Resilience which includes Technology Resilience and Operational Resilience areas across Starling. You'll be responsible for the audit plan in key areas across Information Security and Technology.

You will support the Group Head of Internal Audit (SMF5) and Head of Technology Audit, and will be expected to present your work to the Executive team and the Board Audit Committee.

You will help Starling's Senior Management to protect the assets, reputation and sustainability of Starling as it continues on its growth path and delivers fantastic products and services.

You will support and report directly to the Head of Technology Audit. You will also have significant exposure across Starling, including Senior Management and Board-level Committees. This role is open to candidates based in either London or Cardiff. Travel to the London office will be required on an occasional basis.

Please note; this role will close at 5pm on Tuesday 4th November.

• Delivery of the internal audit plan across Cyber and Resilience areas primarily, but also assist in the delivery of other Technology audits when required. This will be done with the support of Starling's in-house team and co-source providers
• Provide insightful and impactful reporting to help the Executive and the Board challenge the controls activities of the first two lines of defence
• Provide the necessary support, guidance and challenge in a constructive manner to support sustainable growth and in ensuring appropriate outcomes for our customers
• Engagement with Regulators and relevant industry bodies
• Mentor colleagues and work as a member of the broader 3LoD team
• Contribute to the effectiveness of the Internal Audit Strategy and help to deliver strategic change across the internal audit team
• Contribute to the Data Analytics (DA) Strategy delivering increased levels of DA
• Conduct continuous monitoring activities across key areas assigned to you and provide insight and contributions into Executive and Board Reporting

Essential criteria

• Extensive experience within internal or external audit within a professional services or financial Institution regulated by the PRA and FCA within 1LOD, 2LOD or 3LOD Internal Audit function
• Experience in delivering audits across a broad range of Technology, Cyber and Resilience audit experience ideally within another Financial Institution regulated by the PRA and FCA
• Excellent relationship management and influencing skills with colleagues, with the ability to challenge in a positive manner and to articulate balanced opinions
• Ability to juggle multiple priorities and overcome challenges while working within timelines
• Self-starter and can-do approach with a level of flexibility to adapt to work in a fast-paced and highly regulated environment
• Strong communication skills, with the ability to work collaboratively in a team environment and be confident with agile ways of working
• Excellent attention to detail and highly organised
• The desire and drive to learn, develop and create a positive impact as part of a growing internal audit function
• Strong technical understanding merging technologies such as Artificial Intelligence, Machine Learning, and Robotic Process Automation, with the ability to assess related risks, controls, and governance frameworks.
• Strong up to date technical knowledge gained from a consultancy firm, bank or a fintech.

Desirable criteria

• Relevant degree and a professional certification or industry accreditation (e.g. CISA, CISSP, CRISC, CISM, CIA)
• A good understanding of the 2025 Institute of Internal Auditors (IIA) standards and Chartered Institute of Internal Auditors (CIIA) Internal Audit Code of Practice
• Experience with audit software and data analytics for internal audit functions is preferred but not essential

• 25 days holiday (plus take your public holiday allowance whenever works best for you)
• An extra day's holiday for your birthday
• Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
• 16 hours paid volunteering time a year
• Salary sacrifice, company enhanced pension scheme
• Life insurance at 4x your salary
• Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family-friendly policies
• Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
• Access to initiatives like Cycle to Work and Salary Sacrificed Gym partnerships

About Us

You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway.

We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems.

Starling Bank is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.

By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.