This range is provided by Barclay Simpson. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
I recruit leading Information Security, IT Risk & Resilience contractors.
Position Overview
Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations Manager to take full ownership of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering, with a strong focus on Google Cloud Platform (GCP).
Operating in a highly regulated, real-time financial services environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure.
What You'll Do
* Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads.
* Establish and maintain 24/7 detection and response capabilities, fine-tuning alerting rules and monitoring strategies.
* Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools.
* Define and maintain runbooks, incident playbooks, and escalation procedures.
* Own the full life cycle of security incidents from detection to remediation and post-incident review.
* Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity.
* Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework.
* Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests.
Cloud Security Engineering
* Work hands-on with GCP security controls, including:
  * Security Command Center
  * VPC Service Controls
  * IAM (Identity & Access Management)
  * Cloud Logging and Monitoring
  * Workload Identity Federation
* Automate security response using Python, Terraform, or XSOAR.
* Collaborate with infrastructure and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services.
Compliance & Risk Alignment
* Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements.
* Support internal and external audits with relevant security evidence and reports.
* Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance.
Who You Are
A cybersecurity professional who thrives in high-velocity, cloud-native, and heavily regulated environments. You're both a strategist and a practitioner: able to lead people and projects, while staying hands-on with modern tools and incident response workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications.
Essential Qualifications
* Experience as SOC lead, cyber operations manager, or similar role.
* Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts.
* Strong expertise in:
  * SIEM management (Chronicle, Splunk, Elastic)
  * Incident response and recovery
  * Security orchestration (SOAR), preferably Chronicle + XSOAR
  * IAM, policy enforcement, logging, and access reviews in GCP
* Proven experience working in FinTech or financial services, ideally under PCI-DSS, ISO 27001, or SOC 2.
* Strong scripting or automation experience (Python, Terraform, Bash).
* Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain).
* Familiarity with Kubernetes (GKE), container security, API hardening.
Nice to Have
* Certifications such as:
  * Google Professional Cloud Security Engineer
  * CISSP, CISM, GCIH, or GCIA
* Experience implementing Zero Trust Architecture in a cloud-native environment.
* Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers.
* Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team).
* Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS).
Why This Role?
* Work directly with engineering, DevSecOps, and compliance leadership.
* Lead cybersecurity strategy and execution in a cloud-native, greenfield fintech platform.
* Influence architecture decisions at scale while keeping a hands-on role.
* Flexible, remote-first working culture with global talent.
* A chance to build a security function from the ground up, automate deeply, and scale securely.
* Seniority level: Mid-Senior level
* Employment type: Contract
* Job function: Consulting and Management