1 to 25 of 207 PCI DSS Jobs

Role This is a unique and exciting opportunity for a seasoned PCI DSS expert to take ownership of and drive the growth of the Payment Card Industry (PCI) service line. This role is a perfect blend of deep technical consulting, strategic client advisory, and sophisticated business development. You will act as the lead subject matter expert, guiding … mid-market clients through the complexities of achieving and maintaining PCI DSS compliance. You will also contribute and share in the rewards for the commercial success of the practice, identifying and winning new business with both existing and prospective customers by acting as a trusted, credible advisor. Key Responsibilities Consulting & Delivery (approx. 80%) Lead and deliver a range … of PCI DSS compliance services, including Gap Analyses, Scoping Workshops, Remediation Advisory, and formal assessments (Report on Compliance (RoC) and Self-Assessment Questionnaires (SAQ)). Act as a virtual CISO or trusted security advisor to key clients, providing ongoing strategic guidance on their compliance programmes. Translate complex technical PCI DSS requirements and security findings into clear More ❯

GRC Analyst - Payments/PCI-DSS/AoC Manchester - office based £55k pa A successful technology company are seeking a GRC Analyst to join their growing Security team and be responsible for risk management, compliance monitoring and governance support as well as 3rd party vendor risk management. As an experienced Payments GRC Analyst you will ensure compliance with … all relevant regulations including PCI-DSS, GDPR, NIS Regulations and the Data Protection Act 2018. You will be able to demonstrate Attestation of Compliance (AoC) experience alongside experience of ensuring compliance with ISO27001 and relevant organisational standards. This role will require excellent technical GRC and PCI-DSS knowledge, good organisational skills and the ability to communicate … critical security information and requirements to both internal and external stakeholders. PCI-DSS and Attestation of Compliance experience is a must have for this position. Please send a CV detailing the required experience for consideration. GRC Analyst - Payments/PCI-DSS/AoC Manchester - office based £55k pa More ❯

AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & Automation (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Learn how to automate configuration management, infrastructure provisioning, and application deployment. Configure and maintain … essential. Desirable (but not required) experience: Some interest in learning and using automation tools such as Azure DevOps, Terraform, Node-Red, Packer. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Scripting and automation skills (PowerShell, Python, Bash, or similar). Ability to design, implement, and maintain CI/CD pipelines for More ❯

months (Inside IR35) Day Rate: £462 per day Location: Milton Keynes (1–2 days onsite per week) Overview: We are seeking an experienced Solution Architect with strong expertise in PCI DSS v4 to support a leading financial services organisation on a long-term engagement. The successful candidate will work closely with stakeholders to design, assure, and govern secure … within the payment card ecosystem. Key Responsibilities: Develop solution options, architectural designs, and impact assessments that meet business and compliance objectives. Provide assurance across solution designs, ensuring alignment with PCI DSS requirements and best practice. Drive solutions through established governance processes, balancing compliance, security, and operational effectiveness. Collaborate with business and technical stakeholders to embed PCI DSS … Required: Proven experience as a Solution Architect in enterprise-scale or regulated environments. Strong understanding of the payment card ecosystem . In-depth knowledge and hands-on experience with PCI DSS v4 compliance requirements and levels. Track record of producing architectural deliverables and supporting governance processes. Excellent communication and stakeholder engagement skills. More ❯

the most critical risks Act as a key security advisor to engineering teams, providing expert guidance on security best practices, vulnerability mitigation, and secure design patterns Translate regulatory requirements (PCI DSS, SOC 2, ISO 27001) into concrete technical controls and implementation plans in collaboration with the GRC team Lead incident response efforts, including investigation and remediation of security … vulnerabilities, and mitigation techniques What skills are desirable, but not essential: Hands-on experience helping a company achieve and maintain compliance with frameworks like SOC 2, ISO 27001, or PCI DSS Experience in automating security controls and compliance checks against standards and frameworks which include SOC 2, ISO 27001, PCI DSS/3DS Experience performing secure More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

impact projects within a forward-thinking, supportive environment that values expertise, innovation, and growth. KEY RESPONSIBILITIES: Deliver high-quality GRC services, including: ISO 27001 NIST Gap Analysis CAF Assessments PCI DSS CSMA, ISF, and CIS Assessments Develop and maintain in-house methodologies, templates, and delivery playbooks for core GRC services. Conduct client workshops, interviews, and assessments to gather … Computer Science, Risk Management, or a related field, or equivalent professional experience. - ESSENTIAL Professional Experience One or more of the following: ISO 27001 Lead Auditor or Lead Implementer certification PCI DSS Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) NIST Cybersecurity Framework or CAF-related training/accreditation Certified Information Systems Security Professional (CISSP) Certified Information Security … tabletop exercises, or assurance testing engagements. - DESIRABLE Other Requirements Strong understanding of governance, risk, and compliance principles, including key frameworks and regulations such as ISO 27001, NIST CSF, CAF, PCI DSS, and GDPR. - ESSENTIAL Excellent written and verbal communication skills, with the ability to translate technical requirements into business language. - ESSENTIAL Ability to travel to client sites as More ❯

and access control mechanisms. Conduct vulnerability assessments and remediation using tools like Nessus, Tenable, Qualys, and Trivy. Ensure compliance with industry frameworks and regulations (ISO 27001, NIST 800-53, PCI DSS, HIPAA, FedRAMP, CJIS). Collaborate with application and infrastructure teams to embed security best practices throughout the software development lifecycle. Configure network segmentation, security groups, and endpoint … Terraform, Ansible, Docker, Kubernetes, Jenkins, GitHub Actions. Experience implementing and managing CSPM and CWPP solutions (Wiz, Prisma Cloud, Ermetic, CrowdStrike). Solid understanding of compliance standards (ISO 27001, NIST, PCI DSS, HIPAA, FedRAMP). Strong analytical, troubleshooting, and collaboration skills, with the ability to manage security across complex enterprise environments. Preferred Qualification Proven expertise in multi-cloud security … such as Wiz, Prisma Cloud, CrowdStrike, and CyberArk, integrating them for continuous posture management, threat detection, and compliance. Deep understanding of security frameworks and compliance standards (ISO 27001, NIST, PCI DSS, FedRAMP) with the ability to align enterprise cloud environments to governance best practices. More ❯

an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for … ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation … and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail and ability to produce high More ❯

cybersecurity, with at least 1 year supporting azure, IIS, Active Directory, SQL database, and critical infrastructure environments. Familiarity with SIEM tools, log analysis, and incident response workflows. Familiarity with PCI DSS 4.0+ security requirements. Working knowledge of networking protocols, system hardening, and asset inventory practices. Strong analytical, communication, and collaboration skills. Experience supporting or securing tolling systems, traffic … management infrastructure, or roadside equipment. Knowledge of security frameworks such as PCI DSS, NIST 800-53, NIST 800-82, or CIS Controls. Certifications such as GICSP, GCIA, CompTIA Security+, or CISSP. Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components. Requirements: Experience supporting or securing tolling systems, traffic management infrastructure … or roadside equipment -Highly desired 5 Years Knowledge of security frameworks such as PCI DSS, SEC 530, NIST 800-53, NIST 800-82, or CIS Controls -Highly desired 5 Years Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components -Highly desired 5 Years More ❯

security (firewalls, VPCs), and identity and access management (IAM) for data and model assets. Compliance & Governance: Ensure the MLOps platform adheres to stringent financial industry regulations (e.g., GDPR, SOX, PCI-DSS, SWIFT CSCF) and internal policies (Model Risk Management). Automate compliance evidence collection. Threat Modeling & Risk Assessment: Proactively conduct threat modeling for AI/ML systems, identifying … and/or Bash. Ability to write automation scripts and understand data science code for security reviews. Financial Sector Compliance: Familiarity with financial industry regulations and standards (e.g., GDPR, PCI-DSS, SWIFT CSCF) and their technical implications. Qualifications & Experience (Preferred) Relevant security certifications (e.g., CISSP, CCSP, AWS/Azure Security Specialist). Kubernetes security certifications (e.g., CKS - Certified More ❯

as a partner to the business and provide oversight, assurance and governance to ensure controls are effectively implemented. Security Frameworks : Understanding of security frameworks such as ISO:27001 and PCI-DSS. Strong Communication Skills : Ability to communicate effectively to colleagues at all levels, both verbally and in writing, and translate complex technical information to non-technical audiences while building … strong relationships with key stakeholders. What's involved: Implement and maintain established control frameworks such as ISO27001 and PCI-DSS and other relevant security frameworks, including the creation of policies, standards, and other documentation. Lead the governance, oversight, and assurance on technical security controls and technical design on both new and existing solutions in FCG's network and … frameworks, including experience and proficiency in cloud security. Experience and expertise in Azure environment security, vulnerability management, and associated processes. Detailed knowledge of Information Security frameworks and standards, particularly PCI-DSS, ISO27001, and other cyber frameworks. Experience of managing Information Security in an Agile Change Environment. Proven track record of undertaking control assurance reviews against best practice standards More ❯

made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. … management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes More ❯

made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. … management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes More ❯

culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and the National Cyber Security Centre. Represent cyber security in major organisational change programmes … ISC), ISACA, BCS). Essential Knowledge and Experience Demonstrable experience leading cyber security in large, complex organisations. Deep understanding of cyber security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS). Proven track record of developing and delivering cyber strategies and managing risk at an enterprise level. Strong technical knowledge of modern security technologies and principles, including More ❯

culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and the National Cyber Security Centre. Represent cyber security in major organisational change programmes … ISACA, BCS). Essential Knowledge and Experience Demonstrable experience leading cyber security in large, complex organisations. Deep understanding of cyber security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS). Proven track record of developing and delivering cyber strategies and managing risk at an enterprise level. Strong technical knowledge of modern security technologies and principles, including Azure More ❯

triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks … especially AWS and Azure - and applying cloud security principles in live environments Experience in a regulated industry, ideally financial services, with knowledge of relevant compliance standards (e.g., ISO 27001, PCI-DSS) Hands-on expertise with Microsoft security tools - including Defender for Endpoint, Defender for Cloud, Defender for Identity, Microsoft Purview, Taegis, Z-Scaler or equivalents A strong infrastructure More ❯

evolving threats. Youll be part of a collaborative, award-winning team that blends deep technical knowledge with commercial insight , supporting global organisations with frameworks including ISO 27001, SOC 2, PCI-DSS, GDPR, DORA, and NIS2 . The Role: Lead and deliver GRC engagements for large enterprise clients , including readiness assessments, internal audits, and advisory projects. Act as a … consultancy methodologies. Desired Experience: Proven experience in GRC consulting, audit, or information security management within large or regulated organisations. Strong knowledge of ISO 27001 and SOC 2 (experience with PCI-DSS, NIST, DORA, or NIS2 advantageous). Excellent communication and presentation skills, confident in C-level workshops and stakeholder management . Organised, self-motivated, and experienced managing multiple More ❯

the organisation Stay current with GRC trends, standards, and best practices Assist in managing the Security GRC Framework Collaborate with stakeholders, auditors, and vendors Support compliance activities (CAF, SEMD, PCI DSS, ISO27001) Monitor and report on security compliance and incidents Conduct controls testing and coordinate audit findings Advise on compliance matters and manage policy exemptions Liaise with Data …/DEFEND, and other security frameworks Solid understanding of cyber security, including Cyber Essentials and social engineering Awareness of current IS technologies, threats, and vulnerabilities Familiarity with ISO 27001, PCI DSS, and ITIL frameworks Hands-on experience with risk management tools and processes Skilled at translating business needs into security solutions Experience developing and maintaining IS policies and More ❯

rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems … the information security incident response program Manage implementation and deployment of Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification More ❯

rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems … the information security incident response program Manage implementation and deployment of Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification More ❯

rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems … the information security incident response program Manage implementation and deployment of Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification More ❯