Job Title

Position OverviewRapidly growing FinTech company seeking an accomplished Cybersecurity Operations Manager to take full ownership of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering-with a strong focus on Google Cloud Platform (GCP).Operating in a highly regulated, Real Time financial services environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure.What You'll DoSOC Leadership & Threat DetectionLead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads.Establish and maintain 24/7 detection and response capabilities, fine-tuning alerting rules and monitoring strategies.Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools.Define and maintain runbooks, incident playbooks, and escalation procedures.Incident Response & Threat IntelligenceOwn the full life cycle of security incidents from detection to remediation and post-incident review.Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework.Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests.Cloud Security EngineeringWork hands-on with GCP security controls, including:Security Command CenterVPC Service ControlsIAM (Identity & Access Management) Cloud Logging and MonitoringWorkload Identity FederationAutomate security response using Python, Terraform, or XSOAR.Collaborate with infrastructure and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services.Compliance & Risk AlignmentEnsure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements.Support internal and external audits with relevant security evidence and reports.Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance.Who You AreA cybersecurity professional who thrives in high-velocity, cloud-native, and heavily regulated environments. You're both a strategist and a practitioner: able to lead people and projects, while staying hands-on with modern tools and incident response workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications.Essential QualificationsExperience as SOC lead, cyber operations manager, or similar role.Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts.Strong expertise in:SIEM management (Chronicle, Splunk, Elastic) Incident response and recoverySecurity orchestration (SOAR), preferably Chronicle + XSOARIAM, policy enforcement, logging, and access reviews in GCPProven experience working in FinTech or financial services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash).Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening.Nice to HaveCertifications such as:Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIAExperience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers.Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team).Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS).Why This Role?Work directly with engineering, DevSecOps, and compliance leadership.Lead cybersecurity strategy and execution in a cloud-native, greenfield fintech platform. Influence architecture decisions at scale while keeping a hands-on role.Flexible, remote-first working culture with global talent.A chance to build a security function from the ground up, automate deeply, and scale securely.