📍London/Cardiff/UK Remote | 💰£40,000 - £55,000 + Incentive Awards tied to your performance | Benefits ✨

⭐Our Security Operations team

To make money work for everyone, we must protect our customers, our data, and our systems. You will join our Security Operations Squad to detect threats, respond to incidents, and improve our defences without disrupting the people who use our bank. You can read about how we scale security detection here.

We want you to join us if you want to specialise in Incident Response. You do not need to be an Incident Lead right now. You will work alongside our senior team members to investigate security events, from the initial alert through to recovery. As you build your skills and confidence, we will support you to lead these responses.

We protect our team from alert fatigue by taking a proactive approach. You will hunt for new threats and automate our detection methods. We give you the tools and autonomy to automate repetitive tasks, which gives you the time to focus entirely on the analytical work of tracking and stopping advanced adversaries.

We invest heavily in the people who protect the bank. We actively monitor workloads to prevent alert fatigue, we run blameless incident reviews, and we support each other. You do not need to master every security domain on day one. We will give you the mentorship, resources, and time to learn and develop your skills.

🔑 You’ll play a key role by...

• Investigating security events. You'll work alongside our senior team members to navigate incidents across our network, endpoints, and cloud systems. You'll play an active role from the initial alert through to recovery, and as you build your skills and confidence, we will support you to lead these responses.
• Proactively hunting for threats. You test theories about how attackers might target us and search for hidden threats across our systems before they trigger alerts.
• Spotting real threats. You fine-tune our alerts so we only spend time looking at genuine risks. You use these alerts to drive your incident response investigations, focusing your energy on stopping attackers.
• Automating repetitive work. You build automations that handle routine tasks, giving the squad time to focus on complex, analytical challenges.
• Learning from past incidents. You run blameless reviews after incidents to find the root cause, using those lessons to improve our security controls across the business.
• Tracking threat intelligence. You research the attackers that pose a risk to us and turn that knowledge into active, automated defences.

🤩 We’d love to hear from you if…

• You have hands-on incident response experience. You have worked in a Security Operations Centre (SOC) and feel confident investigating security events and supporting the wider team during complex incidents.
• You understand systems and networks deeply. You know how operating systems (macOS, windows, Linux) and networks work under the hood, and you understand modern attack methods.
• You automate your workflows. You hate doing the same manual task twice and have experience using scripting languages (like Python or Go) to build automated tools and interact with APIs.
• You solve problems independently. You can navigate tricky investigations and figure out the right path forward, even when there isn't a step-by-step guide to follow.
• You communicate clearly. You can explain highly technical forensic findings in everyday language to people who don't work in security.
• You have experience with cloud or detection engineering. It is a bonus (but not essential) if you have worked with cloud platforms like AWS or Azure, written detection rules as code, or hold practical security certifications.

Not ticking every box? That’s totally okay! Studies show that women and people of colour might hesitate to apply unless they meet every single requirement. At Monzo, we’re dedicated to creating a diverse and welcoming team. If you’re passionate about this role and keen to learn and grow with us, we encourage you to apply— even if you don’t have everything that's listed just yet. Drop us your application, we’d love to hear from you!

🙌 What’s in it for you

💰£40,000 - £55,000 + Incentive Awards tied to your performance

📍This role can be based in our London office, but we're open to distributed working within the UK (with ad hoc meetings in London)

⏰We offer flexible working hours and trust you to work enough hours to do your job well, and at times that suit you and your team.

📚£1,000 learning budget each year to use on books, training courses and conferences.

🏡We will set you up to work from home; all employees are given Macbooks and for fully remote workers we will provide extra support for your work-from-home setup.

➕ Plus lots more! Read our full list of benefits.

🌈 The application journey has 3 key steps

• 30 min call with the recruiter
• 30 min initial call with the hiring manager
• 2 hours of technical and behavioural interviews

This process should take around 4 weeks - your schedule is really important to us, so we promise to be as flexible as possible!

We have some guidelines on using Artificial Intelligence (AI) to ace an application and interview at Monzo. You can read them here.

We’ll only close this role once we have enough applications for the next stage. Please submit your application as soon as possible to make sure you don’t miss out.

#LI-REMOTE #LI-OS1