Security Operations Engineer

Senior Ops Engineer (Security Ops / GRC)

Salary: Up to £65,000

Location: Glasgow or Edinburgh (flexible hybrid working)

Lorien is recruiting a Senior Ops Engineer for a fast-growing, regulated fintech organisation operating in the financial services space. This is a high-impact role created to strengthen the link between Security Operations and Governance, Risk & Compliance (GRC), improving audit outcomes and driving pragmatic security improvements across cloud and (to a lesser extent) on‑prem environments.

You'll join the Infrastructure & Support function and work closely with GRC, translating audit findings, vulnerabilities and risk themes into clear, prioritised action plans then driving those actions through to completion with technical teams.

What you'll be doing

• Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives.
• Lead and support incident response activities (containment, remediation, recovery and post-incident reviews).
• Own vulnerability management follow through: track remediation actions, validate fixes, and ensure closure in line with risk appetite.
• Improve security controls across IAM, network security, system hardening and vulnerability management (primarily Azure-focused).
• Embed security into Infrastructure‑as‑Code and CI/CD: work within Terraform-managed environments and automated pipelines so security is built in by design.
• Support penetration tests and third‑party security assessments, ensuring outcomes translate into completed remediation.
• Assist with compliance/assurance activity (e.g., ISO27001, SOC2, GDPR) by producing logs, evidence and documentation.
• Act as a confident security advocate in roadmap decisions-able to push back, prioritise critical risk items, and bring stakeholders with you.
• Whilst there are no on call, a sensible level of ownership is expected if issues arise.

What we're looking for

This role suits someone who can be strategic and hands-on, and who can influence technical teams effectively (collaborative and pragmatic).

Essential experience

• Security operations experience in a SaaS, cloud or regulated technology environment.
• Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous).
• Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management.
• Experience with vulnerability assessments / penetration testing and driving remediation to closure.
• Working knowledge of frameworks such as ISO 27001, SOC 2 and GDPR, with practical experience embedding controls operationally.
• Comfortable working in automated environments using Infrastructure‑as‑Code (Terraform) and CI/CD pipelines (Azure DevOps).
• Strong communication skills: able to articulate risk clearly to both technical and non-technical stakeholders.

Desirable

• Network / firewall knowledge.
• Exposure to SIEM tuning, detection engineering or alert optimisation.
• Familiarity with Azure-native tooling such as Log Analytics (and related security tooling).
• Experience in fintech/financial services or other regulated environments.

Tech environment

• Microsoft Azure (identity, networking, monitoring and security services).
• Azure-native logging/monitoring feeding into SIEM tooling.
• Terraform Infrastructure‑as‑Code and automated CI/CD pipelines (Azure DevOps).
• Security & compliance tooling supporting vulnerability management and audit readiness.

Why join?

You'll have genuine autonomy to shape security operations, improve audit outcomes, and embed practical security controls in a business that is growing and investing in its security maturity.

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.