Head of Security Operations (Fintech)

TL;DR

Head of Security Operations (Fintech): Managing and reporting Information Security Risks and leading a team delivering proactive cyber defence and response to security threats with an accent on detecting and responding to security events, incident response framework ownership, and vulnerability management. Focus on driving efficiency with automation and AI, developing threat intelligence, and communicating security posture.

Location: Hybrid working with a minimum of 50% of your working time per month in the office, located in Manchester or London (UK). For new team members, an initial period will be full-time in the office.

Company

hirify.global is one of the fastest-growing investment platform businesses in the UK offering an award-winning range of solutions for financial advisers and DIY investors.

What you will do

• Lead and manage the Security Operations team for cyber defence and incident response.
• Ensure capability to detect and respond to security events and incidents, maintaining 24x7 operational security coverage with third-party providers.
• Proactively drive efficiency through automation and AI in security operations processes.
• Own and develop incident response framework and playbooks, including regular training and testing.
• Develop and maintain threat intelligence capabilities for effective response to the evolving threat landscape.
• Manage the end-to-end vulnerability management process, including penetration testing and remediation tracking.

Requirements

• Expert understanding and knowledge of Information Security risk management tools and techniques.
• Extensive experience with Information Security standards and frameworks (e.g., ISO27001, NIST).
• Experience in an Information Security role gained in a financial services or e-commerce environment.
• Knowledge of relevant regulatory requirements (e.g., GDPR/FCA/PRA).
• Strong awareness of Cloud services and supporting security solutions & standards.
• Good understanding of cloud native and DevOps practices.

Nice to have

• Knowledge of security investigations best practice including Microsoft Purview and computer forensics.
• Hands-on experience managing and configuring Microsoft Active Directory, Windows, and Linux.
• Hands-on experience with internet proxies, endpoint security tools, and data loss prevention systems.

Culture & Benefits

• Competitive starting salary with discretionary bonus scheme and annual free share awards.
• Starting holiday entitlement of 28 days, increasing up to 31 days, plus a buy and sell scheme.
• Choice of pension schemes with matched contributions up to 8%.
• Health Cash Plan, Private healthcare scheme, and dental plan.
• Free gym membership with on-site gym and classes.
• Enhanced maternity, paternity, and shared parental leave.
• Ongoing technical training and professional qualification support.