We don't wait for the future—we build it. We are Clavium.

Clavium is a developer-centric, tech-forward company dedicated to solving complex problems in the blockchain space. By harnessing advanced technologies, we build tools and capabilities that enable individuals to securely manage their digital assets. We foster a culture of innovation and constant challenge, empowering our team to grow, experiment, and drive impactful solutions.

We are currently looking for a detail-oriented Security Operations Analyst to join our growing cyber security team within a fast-paced fintech environment. This role is ideal for someone early in their cyber security career who is eager to gain experience across a broad range of operational security responsibilities.

Working in a cloud-native environment, you will collaborate closely with engineering, DevOps, and IT teams to help uphold the security of our platforms, products, and data.

Day to day:

• Cyber Security Operations & Incident Response (L1/L2)

  • Monitor and respond to security alerts and incidents through our SIEM and EDR platforms.

  • Perform triage, analysis, and initial containment of cyber threats in line with defined playbooks.

  • Escalate significant events to security engineers and contribute to incident reports and root cause analysis.

• Cyber Security Controls & Compliance

  • Support the ongoing testing and validation of compliance frameworks and their associated controls.

  • Assist with internal control assessments, evidence collection, and audit readiness.

  • Document control status and help maintain security governance documentation.

• Vulnerability Management

  • Assist with scheduling and reviewing infrastructure and application vulnerability scans.

  • Track and follow up on remediation actions with engineering and IT teams.

  • Maintain vulnerability metrics and dashboards to monitor risk posture.

• Privileged Access Management & Jumpbox Service

  • Assist in the administration of our privileged access management (PAM) platform.

  • Monitor usage of jumpbox or bastion host services, ensuring access is tightly controlled and logged.

  • Perform periodic reviews of privileged user access and entitlements.

• Cyber Security Awareness & Phishing Program

  • Administer and maintain our cyber security awareness platform.

  • Coordinate phishing simulations and training campaigns.

  • Generate reports on employee engagement, click rates, and training completion.

• Endpoint Security Administration

  • Monitor and maintain the endpoint detection and response (EDR) platform across corporate devices.

  • Ensure agents are up to date and properly configured.

  • Assist in policy tuning and baseline reporting.

• Asset Management & CMDB Accuracy

  • Support the management of the Configuration Management Database (CMDB).

  • Ensure asset registers are accurate, complete, and up to date.

  • Reconcile discrepancies across cloud, SaaS, and on-premises environments.

• General Duties

  • Support cyber security projects and process improvements as directed.

  • Maintain and update security operational procedures and documentation.

  • Participate in regular team meetings, threat briefings, and professional development.

  • Participate in an on-call rota (typically every 4 to 6 weeks) providing out-of-hours support for critical incidents only – covering weekdays from 5pm to 8am and 24/7 at weekends; non-critical issues are handled during standard office hours.

What we’re looking for from you:

• Enterprise experience in an IT, SOC analyst, or cyber security support role.

• Understanding of security operations, SIEM, and EDR concepts.

• Exposure to vulnerability management and endpoint security tools.

• Familiarity with privileged access concepts and asset management processes.

• Understanding of security frameworks and compliance standards (e.g., ISO27001, NIST CSF).

• Strong written and verbal communication skills with attention to detail.

• Bachelor’s degree in Cyber Security, Computer Science, Information Systems, or a related field (or working toward one).

• Industry certifications (any of the following preferred):

  • CompTIA Security+, CySA+, SSCP

  • Google Cloud Security Engineer (Associate)

Non-essential but desirable:

• Experience in a cloud-native environment (e.g., AWS, GCP, or Azure).

• Exposure to CI/CD, DevOps, or platform engineering environments.

• Familiarity with CMDB tools, PAM solutions (e.g., CyberArk, BeyondTrust), and security awareness platforms.

• Understanding of asset lifecycle management and IT service configuration.

What we offer you:

• 25 days holiday + Bank Holidays

• Pension Scheme

• Private Healthcare

• My Learning Pocket

• Referral Scheme

• Work from Anywhere

• Volunteering days

• Bitcoin Programme

• Spanish Language Classes

• Gym membership - Spain only currently

• Holiday buying- UK only currently

• 3-day onsite hybrid working model
  
  

Interview Process: Our interview process consists of; a short call with our internal talent team, a one stage 90 minute interview and finally a 30 minute conversation with our function leader. Our talent team will be there to give guidance and support you through the process.