1 to 25 of 92 PCI DSS Jobs in England

GRC Analyst - Payments/PCI-DSS/AoC Manchester - office based £55k pa A successful technology company are seeking a GRC Analyst to join their growing Security team and be responsible for risk management, compliance monitoring and governance support as well as 3rd party vendor risk management. As an experienced Payments GRC Analyst you will ensure compliance with … all relevant regulations including PCI-DSS, GDPR, NIS Regulations and the Data Protection Act 2018. You will be able to demonstrate Attestation of Compliance (AoC) experience alongside experience of ensuring compliance with ISO27001 and relevant organisational standards. This role will require excellent technical GRC and PCI-DSS knowledge, good organisational skills and the ability to communicate … critical security information and requirements to both internal and external stakeholders. PCI-DSS and Attestation of Compliance experience is a must have for this position. Please send a CV detailing the required experience for consideration. GRC Analyst - Payments/PCI-DSS/AoC Manchester - office based £55k pa More ❯

AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & Automation (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Learn how to automate configuration management, infrastructure provisioning, and application deployment. Configure and maintain … essential. Desirable (but not required) experience: Some interest in learning and using automation tools such as Azure DevOps, Terraform, Node-Red, Packer. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Scripting and automation skills (PowerShell, Python, Bash, or similar). Ability to design, implement, and maintain CI/CD pipelines for More ❯

months (Inside IR35) Day Rate: £462 per day Location: Milton Keynes (1–2 days onsite per week) Overview: We are seeking an experienced Solution Architect with strong expertise in PCI DSS v4 to support a leading financial services organisation on a long-term engagement. The successful candidate will work closely with stakeholders to design, assure, and govern secure … within the payment card ecosystem. Key Responsibilities: Develop solution options, architectural designs, and impact assessments that meet business and compliance objectives. Provide assurance across solution designs, ensuring alignment with PCI DSS requirements and best practice. Drive solutions through established governance processes, balancing compliance, security, and operational effectiveness. Collaborate with business and technical stakeholders to embed PCI DSS … Required: Proven experience as a Solution Architect in enterprise-scale or regulated environments. Strong understanding of the payment card ecosystem . In-depth knowledge and hands-on experience with PCI DSS v4 compliance requirements and levels. Track record of producing architectural deliverables and supporting governance processes. Excellent communication and stakeholder engagement skills. More ❯

the most critical risks Act as a key security advisor to engineering teams, providing expert guidance on security best practices, vulnerability mitigation, and secure design patterns Translate regulatory requirements (PCI DSS, SOC 2, ISO 27001) into concrete technical controls and implementation plans in collaboration with the GRC team Lead incident response efforts, including investigation and remediation of security … vulnerabilities, and mitigation techniques What skills are desirable, but not essential: Hands-on experience helping a company achieve and maintain compliance with frameworks like SOC 2, ISO 27001, or PCI DSS Experience in automating security controls and compliance checks against standards and frameworks which include SOC 2, ISO 27001, PCI DSS/3DS Experience performing secure More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

impact projects within a forward-thinking, supportive environment that values expertise, innovation, and growth. KEY RESPONSIBILITIES: Deliver high-quality GRC services, including: ISO 27001 NIST Gap Analysis CAF Assessments PCI DSS CSMA, ISF, and CIS Assessments Develop and maintain in-house methodologies, templates, and delivery playbooks for core GRC services. Conduct client workshops, interviews, and assessments to gather … Computer Science, Risk Management, or a related field, or equivalent professional experience. - ESSENTIAL Professional Experience One or more of the following: ISO 27001 Lead Auditor or Lead Implementer certification PCI DSS Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) NIST Cybersecurity Framework or CAF-related training/accreditation Certified Information Systems Security Professional (CISSP) Certified Information Security … tabletop exercises, or assurance testing engagements. - DESIRABLE Other Requirements Strong understanding of governance, risk, and compliance principles, including key frameworks and regulations such as ISO 27001, NIST CSF, CAF, PCI DSS, and GDPR. - ESSENTIAL Excellent written and verbal communication skills, with the ability to translate technical requirements into business language. - ESSENTIAL Ability to travel to client sites as More ❯

an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for … ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation … and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail and ability to produce high More ❯

made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. … management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes More ❯

made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. … management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes More ❯

triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks … especially AWS and Azure - and applying cloud security principles in live environments Experience in a regulated industry, ideally financial services, with knowledge of relevant compliance standards (e.g., ISO 27001, PCI-DSS) Hands-on expertise with Microsoft security tools - including Defender for Endpoint, Defender for Cloud, Defender for Identity, Microsoft Purview, Taegis, Z-Scaler or equivalents A strong infrastructure More ❯

the organisation Stay current with GRC trends, standards, and best practices Assist in managing the Security GRC Framework Collaborate with stakeholders, auditors, and vendors Support compliance activities (CAF, SEMD, PCI DSS, ISO27001) Monitor and report on security compliance and incidents Conduct controls testing and coordinate audit findings Advise on compliance matters and manage policy exemptions Liaise with Data …/DEFEND, and other security frameworks Solid understanding of cyber security, including Cyber Essentials and social engineering Awareness of current IS technologies, threats, and vulnerabilities Familiarity with ISO 27001, PCI DSS, and ITIL frameworks Hands-on experience with risk management tools and processes Skilled at translating business needs into security solutions Experience developing and maintaining IS policies and More ❯

is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in More ❯

measuring cost-effectiveness Respond promptly in-hours to technical incidents Embrace automation and be reluctant for manual implementation Implement security best practices ensuring platform compliance with ISO27001, SOC2 and PCI-DSS Share knowledge with colleagues by writing technical documentation and leading training sessions Requirements Ideally you will be an inquisitive Infrastructure Engineer, with an aptitude for finding clean … communication and problem-solving skills Desirably you will have: Understanding of database monitoring, analysis, disaster recovery and performance tuning Knowledge of security and compliance frameworks like ISO270001, SOC2 and PCI-DSS Understanding of networking and routing concepts (TCP/IP, VLANs, VPNs, BGP, etc) and preferably experience designing and establishing connectivity between AWS and on-premise locations The More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

lifecycle management, and operational workflows in collaboration with compliance, support, and operations teams Ensuring all product features and processes meet relevant regulatory and scheme compliance requirements (FCA, PSD2, AML, PCI-DSS) Collaborating with engineering, design, and third-party providers to deliver scalable, secure card payment solutions Defining and monitoring KPIs to track product performance, customer satisfaction, and operational … Deep understanding of tokenisation, EMVCo standards, and mobile wallet provisioning (Apple Pay, Google Pay) Strong working knowledge of card scheme requirements, issuer processor integrations, and compliance frameworks (KYC, AML, PCI-DSS, PSD2) Experience designing and implementing customer and operational product processes, including onboarding, servicing, and dispute resolution Strong analytical, problem-solving, and data-driven decision-making skills Excellent More ❯

s Information Security Management System remains effective in protecting HL critical information assets within risk appetite. Lead assurance activities against Information Security Compliance frameworks, including but not limited to: PCI, NIST, SWIFT, GDPR Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices. Lead engagement of Cloud Audits and remediation … CISSP, CRISC Hands on demonstratable experience and knowledge of: Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017/27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF Atlassian, IAAC Terraform, Merge Requests, GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal/Purview, Microsoft Information Protection More ❯

and proxy solutions.(e.g., F5, Palo Alto, Forcepoint, Cisco ASA) Security & Compliance Integration of security principles (Zero Trust, segmentation, NAC). Familiarity with frameworks such as ISO 27001, NIST, PCI-DSS, and data protection standards (GDPR). Cloud & Virtualisation Experience with AWS, Azure, or GCP networking services (Transit Gateway, VNet, VPC, ExpressRoute, Direct Connect). Understanding of hybrid More ❯

e.g., network security, data protection, vulnerability management, access control). Leading disaster recovery planning, business continuity strategies, and incident response. Familiarity with compliance standards such as NIST, ISO 27001, PCI-DSS, and GDPR in the context of data centers, critical IT infrastructure, and application resilience for business survivability. Excellent communication, presentation, and client-facing skills with the ability More ❯

platforms (AWS, Azure, GCP). Implement DevSecOps practices, including secure CI/CD pipelines and infrastructure-as-code templates. Ensure compliance with frameworks such as NIST CSF, ISO 27001, PCI DSS, and CSA CCM. Essential Skills & Experience 15+ years in Information Security, 7-8+ years in Security Architecture. Cloud security architecture experience (AWS, Azure, GCP), multi-cloud More ❯