Security Operations Manager

This range is provided by Barclay Simpson. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Direct message the job poster from Barclay Simpson

Position Overview

Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations Manager to take full ownership of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering-with a strong focus on Google Cloud Platform (GCP).

Operating in a highly regulated, Real Time financial services environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure.

What You'll Do

• Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads.
• Establish and maintain 24/7 detection and response capabilities, fine-tuning alerting rules and monitoring strategies.
• Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools.
• Define and maintain runbooks, incident playbooks, and escalation procedures.
• Own the full life cycle of security incidents from detection to remediation and post-incident review.
• Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework.
• Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests.

Cloud Security Engineering

• Work hands-on with GCP security controls, including:
• Security Command Center
• VPC Service Controls
• IAM (Identity & Access Management) Cloud Logging and Monitoring
• Workload Identity Federation
• Automate security response using Python, Terraform, or XSOAR.
• Collaborate with infrastructure and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services.

Compliance & Risk Alignment

• Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements.
• Support internal and external audits with relevant security evidence and reports.
• Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance.

Who You Are

A cybersecurity professional who thrives in high-velocity, cloud-native, and heavily regulated environments. You're both a strategist and a practitioner: able to lead people and projects, while staying hands-on with modern tools and incident response workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications.

Essential Qualifications

• Experience as SOC lead, cyber operations manager, or similar role.
• Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts.
• Strong expertise in:
• SIEM management (Chronicle, Splunk, Elastic) Incident response and recovery
• Security orchestration (SOAR), preferably Chronicle + XSOAR
• IAM, policy enforcement, logging, and access reviews in GCP
• Proven experience working in FinTech or financial services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash).
• Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening.

Nice to Have

Certifications such as:

• Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA
• Experience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers.
• Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team).
• Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS).

Why This Role?

• Work directly with engineering, DevSecOps, and compliance leadership.
• Lead cybersecurity strategy and execution in a cloud-native, greenfield fintech platform. Influence architecture decisions at scale while keeping a hands-on role.
• Flexible, remote-first working culture with global talent.
• A chance to build a security function from the ground up, automate deeply, and scale securely.

• Seniority level
  Mid-Senior level

• Employment type
  Contract

• Job function
  Consulting and Management

Referrals increase your chances of interviewing at Barclay Simpson by 2x

Get notified about new Security Operations Manager jobs in United Kingdom.

Edinburgh, Scotland, United Kingdom 3 months ago

Manchester, England, United Kingdom 3 months ago

Glasgow, Scotland, United Kingdom 3 months ago

London, England, United Kingdom 2 weeks ago

London, England, United Kingdom 1 week ago

Edinburgh, Scotland, United Kingdom 1 week ago

Glasgow, Scotland, United Kingdom 1 week ago

Manchester, England, United Kingdom 1 week ago

London, England, United Kingdom 1 week ago

Cambridge, England, United Kingdom 2 days ago

London, England, United Kingdom 12 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.