Accessibility
Home
Jobs
Upload CV
Find Talent
Careers
SOC Manager
Position Overview
Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations Manager to take full ownership of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering-with a strong focus on Google Cloud Platform (GCP).
Operating in a highly regulated, Real Time financial services environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure.
What You’ll Do
SOC Leadership & Threat Detection
- Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads.
- Establish and maintain 24/7 detection and response capabilities, fine-tuning alerting rules and monitoring strategies.
- Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools.
- Define and maintain runbooks, incident playbooks, and escalation procedures.
Incident Response & Threat Intelligence
- Own the full lifecycle of security incidents from detection to remediation and post-incident review.
- Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework.
- Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests.
Cloud Security Engineering
- Work hands-on with GCP security controls, including:
- Security Command Center
- VPC Service Controls
- IAM (Identity & Access Management) Cloud Logging and Monitoring
- Workload Identity Federation
- Automate security response using Python, Terraform, or XSOAR.
- Collaborate with infrastructure and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services.
Compliance & Risk Alignment
- Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements.
- Support internal and external audits with relevant security evidence and reports.
- Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance.
Who You Are
A cybersecurity professional who thrives in high-velocity, cloud-native, and heavily regulated environments. You’re both a strategist and a practitioner: able to lead people and projects, while staying hands-on with modern tools and incident response workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications.
Essential Qualifications
- Experience as SOC lead, cyber operations manager, or similar role.
- Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts.
- Strong expertise in:
- SIEM management (Chronicle, Splunk, Elastic) Incident response and recovery
- Security orchestration (SOAR), preferably Chronicle + XSOAR
- IAM, policy enforcement, logging, and access reviews in GCP
- Proven experience working in FinTech or financial services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash).
- Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening.
Nice to Have
Certifications such as:
- Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA
- Experience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers.
- Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team).
- Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS).
Why This Role?
- Work directly with engineering, DevSecOps, and compliance leadership.
- Lead cybersecurity strategy and execution in a cloud-native, greenfield fintech platform. Influence architecture decisions at scale while keeping a hands-on role.
- Flexible, remote-first working culture with global talent.
- A chance to build a security function from the ground up, automate deeply, and scale securely.
We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know.
Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.
