Senior Cloud Security Engineer (SecOps / GCP) in Manchester

We help regulated and enterprise customers protect their Google Cloud Estates. As a Premier Google Cloud Partner, we deliver Google Unified Security (GUS) engagements across the full stack - from greenfield SIEM/SOAR deployments and SOC modernisation programmes to detection engineering, posture management, threat hunting, and incident response uplift. Secure GCP estates with the adoption of CI/CD pipelines, secure landing zones and cloud posture reviews. Expertise when integrating third party tools such as Wiz.

We're looking for a Senior Security Engineer with deep, hands on experience across the GCP and Google Security portfolio. You'll lead the technical work on customer engagements, build reusable content for the practice, and help customers deliver security solutions at scale. This is a hands on senior role. Most of your week is client delivery. The rest goes into our practice - accelerators, parsers, rule packs, playbooks, and points of view that make the next engagement faster than the last.

What you'll do

• Google SecOps (SIEM / SOAR) Lead end to end SecOps deployments - tenant setup, multi tenant architecture, data ingestion, retention design, RBAC, and feed onboarding. Build and maintain parsers, UDM mappings, and data models for Google Cloud, AWS, Azure, endpoint, identity, and network sources. Write, test, and tune YARA L detection rules, including single event, multi event, and composite detections. Design SOAR playbooks and python integrations. Develop custom agents that can be deployed in customer environments using GCP infrastructure.
• GCP Configure CI/CD pipelines with integrated security tools. Configure GCP security solutions including Security Command Center Enterprise, IAP, VPC Service Controls, and Model Armor. Work with platform teams to support the deployment of secure cloud foundation blueprints. Support clients with secure AI workloads including the use of model armor and agent identities.
• Google Threat Intelligence Operationalise Google Threat Intelligence inside SecOps - IoC matching, Applied Threat Intelligence, and curated detections. Build threat informed defence programmes tied to customer specific threat profiles (sector, geography, adversary groups). Run threat hunting campaigns using GTI, Mandiant frontline intelligence, and UDM search. Validate detection coverage against MITRE ATT&CK using Mandiant Security Validation where in scope.
• Practice growth Mentor engineers and consultants; lead internal SecOps and GUS enablement. Represent the practice in pre sales, customer workshops, and Google partner forums.

What we're looking for

• Essential Strong SIEM/SOC delivery experience (any major platform; Google SecOps / Chronicle preferred). Hands on with Google SecOps: UDM, YARA L, parsers, SOAR playbooks, data ingestion patterns. Solid grounding in Google Cloud security primitives: IAM, Organization Policies, VPC Service Controls, Cloud Logging, Cloud KMS. Comfortable with Terraform, CI/CD pipelines and at least one scripting language (Python, Go) for automation, parser development, and integration work. Experience supporting regulated workloads (financial services, public sector, healthcare) and translating compliance requirements into operational controls. Able to explain risk, trade offs, and findings to both SOC analysts and executive stakeholders.
• Nice to have Google Professional Cloud Security Engineer or Google SecOps certification. Prior SIEM migration experience (Splunk SecOps, Sentinel SecOps, etc.). Experience with adjacent tooling: Wiz, CrowdStrike, Splunk, Sentinel, Snyk. Consulting or systems integrator background. Contributions to open detection content (Sigma, MITRE, public rule repos).

Benefits

We believe in supporting our team members both professionally and personally. Here's how we invest in you:

• Compensation and Financial Wellbeing Competitive base salary, Matching pension scheme (up to 5%) from day one, Discretionary company bonus scheme, 4 x annual salary Death in Service coverage from day one, Employee referral scheme, Tech Scheme.
• Health and Wellness Private medical insurance from day one, Optical and dental cashback scheme, access to remote GP's, second opinions, mental health support, and physiotherapy EAP service, Cycle to work scheme.
• Work Life balance and Growth 28 days annual leave (plus bank holidays), An extra paid day off for your birthday, Ten paid learning days per year, Flexible working hours, Work from anywhere (up to 3 weeks per year), Industry recognised training and certifications, Bonusly employee recognition and reward platform, Clear opportunities for career progression, Length of service awards, Regular company events.

Diversity and Inclusion At Beyond we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all.