risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks (e.g. NIST, PCIDSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks' overall security posture. DIMENSIONS Financial : No direct … and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCIDSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening … of privacy and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCIDSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies More ❯
procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin's PCIDSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCIDSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g. More ❯
AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCIDSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCIDSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & DevOps Integration (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Configure and maintain authentication solutions (SSO, SAML, Entra Connect). Develop and manage … CIS, PCIDSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer technologies for secure More ❯
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCIDSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCIDSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … Profile 29s privacy policy can be found at: profile-29 .com/privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidsspcidsspci-dss soar loughton Debden essex London More ❯
UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling paymentdata) Experience in: Managing vendor risk assessments for third-party compliance. Handling incident response & reporting (e.g., Data Breach Notifications under GDPR). Key Skills … Strong reporting and communication skills-ability to brief executives and regulators. Ability to design, implement, and enforce security policies . Key Responsibilities: Ensure compliance with GDPR, Cyber Essentials Plus, PCI-DSS, and other applicable standards. Align ISMS activities with ISO 27001 framework. Develop and implement security policies, controls, and procedures. Conduct security risk assessments & compliance audits. Manage incident More ❯
of Linux, Windows, Apple & Android OS. Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre. Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR. Experience operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working More ❯
Windows, Apple & Android OS . Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience More ❯
testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). Kind Regards -- Priyanka Sharma Senior Delivery Consultant Office: 02033759240 Email: psharma@vallumassociates.com More ❯
PO15, Whiteley, Hampshire, United Kingdom Hybrid / WFH Options
Stratospherec Ltd
CIS, PCIDSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer technologies for secure … solutions (Veeam or similar). Experience with monitoring tools (SolarWinds SentryOne, Zabbix, etc.). Excellent problem-solving, communication, and documentation skills. Some familiarity with financial services regulations and compliance (PCIDSS, GDPR, DORA) would be useful but not essential. Desirable/bonus (but not essential) skills and experience: Some interest in learning and using automation tools such as More ❯
Bexhill-On-Sea, East Sussex, South East, United Kingdom Hybrid / WFH Options
Hastings Direct
with Infrastructure-as-Code (e.g., Bicep, ARM templates, Terraform). Hands-on experience with SIEM tools, ideally Azure Sentinel. Understanding of regulatory and compliance frameworks (e.g., CIS Benchmarks, HIPAA, PCI-DSS). Excellent problem-solving skills, communication, and the ability to explain technical concepts to non-technical stakeholders. Desirable: Relevant certifications such as AZ-500, SC-100, or More ❯
and frameworks (e.g., NIST 800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing). Knowledge of cloud technologies (AWS, Azure). Experience using generative AI … Data collection, validation, analysis, and interpretation. Experience Researching and applying latest technologies. Experience with Agile methodology. Big 4 accounting experience. Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent. Additional Information This is a permanent hybrid role in Costa Rica. No relocation available. Culture at Experian Our uniqueness is that we More ❯
strategies , ensuring security and performance Work with Terraform, Deployment Manager, and CloudFormation for IaC-based deployments Security and Compliance: Implement cloud security measures and ensure compliance with ISO 27001, PCIDSS, GDPR, and other industry standards Define cloud architecture standards and best practices for a secure cloud environment Performance Optimisation: Monitor and optimise cloud resources for performance, scalability More ❯
and frameworks (e.g., NIST 800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing). Knowledge of cloud technologies (AWS, Azure). Experience using generative AI … Data collection, validation, analysis, and interpretation. Experience Researching and applying latest technologies. Experience with Agile methodology. Big 4 accounting experience. Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent. Additional Information This is a permanent hybrid role in Costa Rica. No relocation available. Culture at Experian Our uniqueness is that we More ❯
testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to More ❯
testing (AWS, Azure, or Google Cloud). * Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. * Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to More ❯
as part of a team Ability to travel to meet business needs Preferred competencies: Relevant cyber security or other qualifications, certifications such as CSX-P, CDPSE, SSCP, CAP, OWASP, PCIDSSSecurity Cleared with potential to gain enhanced clearances Experience implementing privacy solutions based on the requirements of the EU GDPR and UK Data Protection Act 2018 Good More ❯
Farnborough, Hampshire, South East, United Kingdom
Gama Group Limited
Knowledge of security and data privacy controls within Microsoft Azure Cloud stack with hands on experience configuring and monitoring within Azure Knowledge of UK Government security standards Knowledge of PCI-DSS and achieving suitable standards within software In addition to a Competitive Salary, we will offer you: Competitive Group Pension Scheme Comprehensive Life Assurance * Comprehensive Income Protection * Comprehensive More ❯
GDPR, ISO 27001, and Cyber Essentials, and a willingness to navigate evolving guidance such as Network and Information Systems Regulations 2018 (NIC) or PaymentCardIndustryDataSecurity Standards (PCIDSS) Strong communication and documentation skills, with the ability to collaborate effectively with cross-functional teams, including Engineering, Product, and Legal. A self-starter mindset, who is proactive … and growth. Desirable Qualifications and/or knowledge (any of the following): Certifications or practical experience as/in CISMP, CompTIA Security+, ISO 27001 Lead Implementer, CISM, CISSP, or PCIDSS QSA. Awareness of key regulations, including UK GDPR, Data Protection Act 2018, and the NIS Regulations An understanding of security risk management, governance, and policy implementation Awareness More ❯
experience: You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCIDSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. Knowledge of security compliance standards … relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. Experience of external penetration testing scopes. Experience securing code reviews and security approvals Experience in Cryptography management & enhancements We value teamwork, collaboration & technical excellence – the company are heavily weighted toward technical staff (as you would hope, for a Software company!) so you must be comfortable within More ❯
Central London, London, England, United Kingdom Hybrid / WFH Options
hireful
experience: You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCIDSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. Knowledge of security compliance standards … relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. Experience of external penetration testing scopes. Experience securing code reviews and security approvals Experience in Cryptography management & enhancements We value teamwork, collaboration & technical excellence – the company are heavily weighted toward technical staff (as you would hope, for a Software company!) so you must be comfortable within More ❯
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
Techwaka
practices Provide specialist security support to IT teams, including infrastructure, development, and database teams Work with stakeholders to maintain compliance with industry standards such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role More ❯
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCIDSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCIDSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … to work in the UK unrestricted for at least the next 5 years. Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidsspcidsspci-dss soar loughton Debden essex London More ❯
plus Solid understanding of SaaS platforms and their identity integration Understanding of Zero Trust Architecture principles Familiarity with IT security frameworks and compliance standards (e.g., NIST, GDPR, SOC 2, PCIDSS, HIPAA) Awareness of logging, monitoring, and alerting practices related to identity and access events Basic understanding of email security and DNS Backup and recovery awareness for identity More ❯
received• Clear and consistent communication skills across a variety of channels, fostering productive and strong working relationships Critical competencies - technical fit • Good understanding of at least one audit framework; PCIDSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, Microsoft 365 Certification, etc.• Ability to deliver, without supervision/support, at least one Cyber Practice GRC service• Aptitude … Cyber Securityindustry• Take own initiative to expand information security knowledge• Ability to write concise, accurate and timely reports Desirable competencies • Exposure to multiple industry audit/compliance frameworks; PCIDSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, etc.• Exposure to Amazon AWS, Microsoft Azure or Google GCPs cloud platforms• Data Privacy Experience, e.g. GDPR, DPA2018 More ❯