1 to 25 of 89 PCI DSS Jobs in England

We are looking for an Information Security Analyst to join us on a 6 months FTC. This InfoSec Analyst role will be to ensure that PCI DSS certifications is achieved and maintaining all appropriate payment gateways used by Howdens. The role will also play a key role in managing security incidents and in assessing risks and vulnerabilities identified. … Northamptonshire and you will be expected to work onsite 2 days per week. What will I be doing as Information Security Analyst? Manage and deliver a plan to deliver PCI DSS certification to all appropriate payment gateways within Howdens. Work with 3rd party PCI DSS assessor, organise and scope the assessments Lead with incident management investigations … Howdens to ensure the Confidentiality, Integrity and Availability of Howdens information is maintained What we need from you Technical Operations Security experience with a focus on governance Experience of PCI DSS certification and maintaining this with a large organisation Ability to assess system controls based on a documented standard Will be able to demonstrate ability in problem analysis More ❯

AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & Automation (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Learn how to automate configuration management, infrastructure provisioning, and application deployment. Configure and maintain … essential. Desirable (but not required) experience: Some interest in learning and using automation tools such as Azure DevOps, Terraform, Node-Red, Packer. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Scripting and automation skills (PowerShell, Python, Bash, or similar). Ability to design, implement, and maintain CI/CD pipelines for More ❯

across all regions and entities. The scope includes KYC/KYB/AML vendor integrations, funnel efficiency, and cost optimization , as well as leading broader compliance projects such as PCI DSS certification, GDPR/data protection, FATF Travel Rule, and other regulatory requirements . You will be responsible for building scalable, automated solutions that support compliance operations worldwide … providers, build redundancy, and improve vendor routing to optimize both funnel performance and cost. Global Compliance Projects : Work with the compliance team to lead and deliver product solutions for PCI DSS, GDPR, FATF Travel Rule, AMLD , and other frameworks across jurisdictions. Automation & Efficiency : Identify manual workflows across compliance and risk operations, and design product-led automations with the … collaborate with engineers on backend workflows, APIs, and data pipelines. Proven success in automating compliance/risk operations and delivering compliance projects globally. Strong knowledge of global regulatory frameworks (PCI DSS, GDPR, FATF Travel Rule, AMLD, sanctions). Excellent stakeholder management; ability to align compliance, legal, operations, partnerships, engineering, and leadership. Nice-to-Haves Experience in high-growth More ❯

security controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework Facilitate reviews and updates to ensure controls remain effective against evolving threats Essential skills: Minimum 2 year's experience in information … controls catalogue in a financial services environment (highly desirable) Proven experience in delivering security projects within a federated organisation Desirable skills: Knowledge of NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, DORA Understanding of risk methodologies and data analysis for reporting Strong documentation skills (control matrices, process flows, SOPs) Excellent communication skills for both technical and non-technical More ❯

is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in More ❯

and assets. You will be responsible for designing and implementing the evolution of security standards, policies, and procedures to ensure ECC meets regulatory, legislative, and operational requirements (e.g., PSN, PCI-DSS, ICO, disaster recovery). Experience Needed: Strong strategic leadership experience across large scale organisations, with the ability to influence and communicate effectively at senior and political levels. … A track record of developing and implementing enterprise-wide cyber and information security strategies aligned with business goals. Extensive knowledge of relevant legal, regulatory, and technical frameworks, including PSN, PCI-DSS, GDPR, and disaster recovery. A passion for innovation, collaboration, and continuous improvement in cyber and information security. Why Join ECC? As Assistant Director Cyber Security, you'll More ❯

on time, within scope, and to a high standard. Specialist Migration Expertise: Oversee the secure migration of card credentials, encryption keys, and other sensitive financial data, ensuring compliance with PCI DSS and relevant regulatory requirements. Card Scheme Migration Processes: Manage migration activities in line with card scheme processes, procedures, and compliance standards. Liaise with scheme representatives to coordinate … reconciliation methodologies. Excellent stakeholder management skills, including board-level engagement. Strong problem-solving ability and resilience under pressure. Desirable Experience in a payments or card-issuing environment. Knowledge of PCI DSS compliance requirements. Familiarity with other card scheme migration processes (Visa, Amex). PRINCE2, PMP, or Agile project management certification. Why Apply? This is an opportunity to join More ❯

on time, within scope, and to a high standard. Specialist Migration Expertise: Oversee the secure migration of card credentials, encryption keys, and other sensitive financial data, ensuring compliance with PCI DSS and relevant regulatory requirements. Card Scheme Migration Processes: Manage migration activities in line with card scheme processes, procedures, and compliance standards. Liaise with scheme representatives to coordinate … reconciliation methodologies. Excellent stakeholder management skills, including board-level engagement. Strong problem-solving ability and resilience under pressure. Desirable Experience in a payments or card-issuing environment. Knowledge of PCI DSS compliance requirements. Familiarity with other card scheme migration processes (Visa, Amex). PRINCE2, PMP, or Agile project management certification. Why Apply? This is an opportunity to join More ❯

Application Security Data Protection & Encryption Kubernetes, Containers, and DevSecOps/MLOps practices SIEM, logging, and monitoring Zero Trust architectures Skilled in applying frameworks such as NIST CSF, ISO 27001, PCI DSS, CSA CCM, NIST AI RMF . Hands-on with tools for vulnerability management, secrets management, CSPM, and CWPP . Relevant certifications strongly preferred (CISSP, CCSP, TOGAF, AWS More ❯

initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong More ❯

initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong More ❯

with security controls such as Firewalls, IDS, IPS, and NAC. Familiarity with cloud platforms: AWS, GCP, Azure, and Microsoft Office 365. Knowledge of information security standards including ISO 27001, PCI-DSS, GDPR. Strong grasp of IT domains including Linux, Windows, networking, containers, IAM, and monitoring. Understanding of ISO27001, ISO27005, NIST security controls, WAF, and network segmentation. Desirable Extras More ❯

5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

network architectures (e.g., LAN, WAN, DMZ) and topologies, network protocols, routing, switching, and subnetting. Ensure network security measures are aligned with relevant compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS More ❯

network architectures (e.g., LAN, WAN, DMZ) and topologies, network protocols, routing, switching, and subnetting. Ensure network security measures are aligned with relevant compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS More ❯

and blueprints. What You'll Bring Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications More ❯

to cloud solutions. Strong analytical skills for complex technical issues. Proven ability in designing cyber security systems and governance. Familiar with tools and frameworks (e.g. NCSC, NIST, MITRE, GDPR, PCI DSS). Deep understanding of security controls (e.g. firewalls, SIEM, SOC, DLP). Proficient in leading and coordinating incident response. Effective at managing multiple priorities under pressure. Excellent More ❯

Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience More ❯

risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯

risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯

Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience More ❯