Rodeo
ResourcesPartnersSign in

Crown Agents Bank

Senior Operational Security Engineer

London Borough of Southwark
Posted about 2 months ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Company Description Crown Agents Bank is a vastly growing and regulated UK bank that connects emerging and frontier markets to the rest of the world, using FX and payments technology. We are transforming the way payments and FX move through emerging markets, reducing friction so that more money gets to those who need it. Emerging markets payments are usually challenging, expensive, unreliable and opaque. Our solutions help fix these pain points. Ultimately, we connect traditionally hard-to-reach regions to global financial infrastructure, giving access to the best prices and the fastest, most reliable settlement. FX and cross-border payments are often complex and expensive, especially when operating in emerging markets. Crown Agents Bank (CAB) wraps its deep and trusted relationships and strength of network around innovative digital capabilities, and cross-border transaction banking solutions to enable fintech, corporates, governments, development organisations and banks to move money to, from, and across often hard-to-reach markets. Job Description The Senior Operational Security Engineer owns and operates the firm’s core protective and detective security controls across endpoint, network, identity and data security domains, converting multiple best-efforts operational security activities into sustainable, auditable and scalable services. Security Operations — Endpoint & Network Own and operate Endpoint Detection & Response (EDR) tooling including alert triage, threat containment and endpoint health monitoring across all firm devices. Enforce endpoint security baselines, compliance checks and hardening standards across the estate. Manage anti-malware controls including policy configuration, update management and alert response. Configure and manage firewall and Web Application Firewall (WAF) controls, network segmentation, and remote access security. Working closely with the SD and Workspace team to maintain baseline security standards across endpoint environments. Own email security controls including anti-spam, anti-phishing, DMARC/DKIM/SPF and attachment scanning. Manage web filtering, proxy controls and malicious URL/content blocking. Identity & Access Management Administer and manage multi-factor authentication (MFA) and single sign-on (SSO) solutions across the firm. Manage Privileged Access Management (PAM/PIM) controls including PAM/PIM platform administration and privileged session management. Own joiner, mover and leaver (JML) processes across all systems, ensuring timely and accurate access changes. Run periodic access review and recertification cycles, ensuring least-privilege is maintained across the estate. Support customer-facing access controls and authentication governance. Data Security Manage Data Loss Prevention (DLP) controls including policy configuration, alert triage and response for data exfiltration events. Oversee data classification, retention, archiving and disposal controls within M365 and across the estate. Support insider threat monitoring controls and escalation procedures. Manage encryption standards and certificate lifecycle including monitoring, renewal and revocation Detection & Response Triage and analyse security alerts from across the tooling estate, coordinating with the SOC to ensure timely detection and response. Lead threat hunting activities using XDR telemetry and threat intelligence to proactively identify attacker activity. Own and maintain the XDR platform including rule management, integrations and telemetry quality. Investigate security incidents, anomalous activity and SOC escalations, producing clear findings and recommendations. Develop and maintain incident response runbooks covering key threat scenarios and response procedures. Own ransomware readiness and business resilience testing activities, including backup validation and playbook maintenance. Manage security automation and SOAR playbook development to improve detection and response efficiency. Provide operational interface with the SOC, supporting SLA management and technical escalation. Operational Reporting Produce clear, accurate and timely reporting covering endpoint health, network control status, DLP alert volumes, IAM control health and incident metrics. Contribute security operations data and metrics to the master CISO reporting pack. Qualifications Degree or equivalent professional experience in a relevant technical discipline. Relevant industry certification desirable, such as SC-200, AZ-500, CompTIA Security+, GIAC (GCIA, GCED, GCIH) or CISSP. Candidates with strong hands-on experience and demonstrable technical capability will be considered regardless of formal qualification. Significant hands-on experience in an operational information security or security engineering role. Demonstrable experience managing EDR/AV, SIEM/XDR platforms, and network security controls including firewalls, WAF and segmentation. Practical experience with identity and access management including MFA, PAM/PIM and access review processes. Experience with the enterprise security solutions suites (Endpoint, Cloud, XDR, Identity, etc) and Purview/DLP. Working knowledge of PAM tooling. Experience in a regulated financial services environment preferred but not essential; working knowledge of ISO 27001, NIST CSF, DORA or NYDFS Part 500 beneficial. Ability to produce clear technical documentation, reports and evidence suitable for audit and regulatory review.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job
Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Endpoint Detection & Response
Network Security
Identity & Access Management
Data Loss Prevention
XDR
SIEM
Firewall Management
WAF
MFA
PAM/PIM
Incident Response
Threat Hunting
DMARC/DKIM/SPF
Security Automation
SOAR
Technical Documentation

Location

London Borough of Southwark, England, United Kingdom

Sign up to applySee more jobs like this