1 to 25 of 26 Permanent SOC 2 Jobs in London

Location: London, UK (Hybrid: 2 days per week in the office) Company: Navro – Pioneering the Future of Payments Securing Trust: Cyber Security Lead This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. We're Navro, a rapidly scaling B2B payments startup … You'll run and be part of the projects that implement, build, and maintain security integrations across our tech stack, establish incident response playbooks, and lead day‐to‐day SOC operations that protect our platform and customers. You won't have layers of approval slowing you down. You will have the freedom to make real, impactful decisions from day … of a high‐performing SOC built on automation, quality data, and continuous learning. What You'll Be Doing: Own the design, implementation, and operation of our SIEM and SOC capability with Microsoft Sentinel, including data ingestion, workspace architecture, analytics, automation, and dashboards. Integrate high‐value telemetry sources (Entra, M365, Google Workspace, AWS, GCP, endpoints/EDR, network, SaaS More ❯

risk mitigation objectives Continuously evaluate operational exposures and recommend insurance solutions for comprehensive and cost-effective coverage across business units Information Security Audits Oversee and coordinate ISO 27001 and SOC 2 audit activities, ensuring evidence collection, control implementation, and compliance alignment across all business units Manage and maintain continuous compliance through Vanta, automating evidence gathering, monitoring control effectiveness … or regulated environment. Experience managing or supporting corporate insurance programmes, including renewals, risk assessment, and broker liaison. Hands-on experience with information security audits, such as ISO 27001 and SOC 2, and working with audit management tools like Vanta or similar. Exposure to incident response management, including cross-functional collaboration with IT, Engineering, and Cyber Security teams. Experience More ❯

offboarding process: device provisioning, account creation, and permission management. · Monitor and maintain IT security best practices (MFA, endpoint protection, device patching, etc.) aligned with compliance frameworks (Cyber Essentials, ISO27001, SOC 2). · Support and contribute to the firm's compliance initiatives, including audits and certification processes. · Assist in evaluating, implementing, and optimising new IT tools, services, and automations … remote access). Desirable · Exposure to legal, private equity, or financial services environments. · Experience supporting or administering AI-based applications or workflow tools. · Familiarity with security frameworks (ISO 27001, SOC 2) and compliance requirements. · Experience with scripting (PowerShell) or IT automation tools. · Knowledge of additional SaaS platforms (Slack, HubSpot, etc.). More ❯

Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated More ❯

asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing Work with IT More ❯

with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have More ❯

security requirements in digital health, life sciences, or FDA-regulated software environments Proven track record managing security and compliance under HIPAA, FDA, and NIST Knowledge of GDPR, ISO 27001, SOC 2 and international security standards Experience with cloud-native environments (e.g., AWS), data encryption, identity management, and secure software development practices Strong communicator who can translate security priorities More ❯

Azure Security Center/Microsoft Defender for Cloud, encryption using Azure Key Vault, network security with NSGs and Azure Firewall, Azure Policy for governance, and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience conducting security assessments using Microsoft Secure Score, implementing security hardening, and responding to security incidents. Backup & Disaster Recovery - Experience implementing and managing Backup for More ❯

/cyber security projects and challenges, preferably over a number of industry domains Strong understanding of leading cybersecurity frameworks and standards such as ISO27001, NIST, Cyber Essentials+, CAF, CIS, SOC 2, etc. Up-to-date knowledge of cyber/information security, concepts, risk, controls, and industry trends Experience of working on e.g., security governance models and frameworks, policies More ❯

to Standardise information security policies, frameworks, and controls across all entities, while allowing flexibility for business specific regulations. Oversee Cyber security regulatory compliance initiatives ns (e.g. NIST, ISO 27001, SOC2 compliance). Lead the design and operation of shared security services between IAG Loyalty and IAG airlines (e.g., threat detection, incident response, intel management, data sharing) at the group level. More ❯

experience with Agile/Scrum methodologies. Experience in industries relevant to Fusion such as telecoms, retail, utilities etc. Knowledge of specific industry regulations or compliance standards (e.g., ISO 27007, SOC 2, HIPAA, PCI DSS) relevant to MSP operations. Experience with APls, web services, and integration tools to connect ServiceNow with other enterprise systems. Skills: Technical: o Strong implementation More ❯

GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst/Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in More ❯

Cloud Presales Specialist/AI Presales Consultant/SaaS Integrations/APIs/Security/Compliance/AWS/Azure/GCP/NLP/ML/ISO27001/SOC2/GDPR More ❯

Experience with Redis and Celery. Experience scaling multi-tenant SaaS applications. Experience with cloud platforms. (AWS, Google Cloud or Azure). Knowledge of containerisation (Docker or Kubernetes) Familiarity with SOC 2 readiness and security best practices. Experience with observability and monitoring. Background in fintech, lending or other regulated-data environments. Experience or interest in Rust or Go for … leadership team where your opinions are heard and welcome. This is also a chance to be part of bringing a game changing product to life This role is hybrid, 2-3 days in their offices at London Bridge Salary ranges from £80,000 - £125,000 with attractive EMI share options More ❯

the identity verification, fraud prevention, or fintech sector. Familiarity with global privacy frameworks outside of Europe (e.g., CCPA, PIPL). Understanding of cybersecurity principles and standards (e.g., ISO 27001, SOC 2). What We Offer A competitive salary and comprehensive benefits package. The opportunity to play a pivotal role in a globally recognised technology leader. A critical and More ❯

engineering best practices (e.g. test-driven development, continuous delivery, scrum practices, automation, maintainable and testable code etc.) Strong knowledge of HTTP security is highly desirable Experience with FedRamp and SOC 2 certification is a plus Strong written and verbal communication skills Proactive, self-motivated, and strong ability to learn new things with little guidance Highly organized with critical More ❯

engineering or building developer-facing platforms. Background in Software Engineering, SRE or infrastructure engineering, with a strong developer tooling focus. Knowledge of compliance-driven SDLC requirements (e.g., ISO 27001, SOC2). Experience running developer surveys, DX metrics frameworks (e.g., DORA, SPACE), or feedback-driven adoption programs. Benefits Join a pioneering joint venture at the intersection of AI and industry transformation. More ❯

engineering or building developer-facing platforms. Background in Software Engineering, SRE or infrastructure engineering, with a strong developer tooling focus. Knowledge of compliance-driven SDLC requirements (e.g., ISO 27001, SOC2). Experience running developer surveys, DX metrics frameworks (e.g., DORA, SPACE), or feedback-driven adoption programs. Benefits Join a pioneering joint venture at the intersection of AI and industry transformation. More ❯

Role : Platform Security Architecture Manager Location : Hybrid, 2 days in HQ Compensation : Up to £180,000 total comp Lawrence Harvey are partnered with a well respected, innovative Investment Management firm focused on delivering long-term value for its clients through data-driven strategies, advanced technology, and disciplined risk management. Their platform supports complex analytics, high-volume data processing, and … Lead threat modeling, risk assessments, and architectural reviews. Partner with engineering, trading technology, data teams, and compliance. Guide adoption of identity, encryption, and zero-trust controls. Support regulatory obligations (SOC 2, ISO 27001, SEC/FINRA). Mentor security architects and drive secure engineering culture. Candidate Profile 10+ years in security architecture within a Financial Services Very highly More ❯

to reduce vulnerabilities. Infrastructure & DevOps Security – Apply secure practices to containerization, Kubernetes, CI/CD pipelines, and infrastructure-as-code workflows. Compliance & Risk Management – Support ISO/IEC 27001, SOC2 Type II, NIST CSF, and other compliance initiatives. Cross-Functional Collaboration – Partner with IT, Engineering, Data, and Product teams to implement security improvements and drive adoption of best practices. Continuous … and log management. Application Security Skills – Proficiency with security toolsets, including SAST, SCA, CSPM, and DAST. Compliance Knowledge – Understanding of security, privacy, and compliance frameworks (ISO/IEC 27001, SOC2 Type II, NIST CSF). Communication & Collaboration – Strong verbal and written skills in English, with an ownership-driven mindset. NICE TO HAVE Security certifications such as CISSP, CompTIA Security+, AWS More ❯

environments whilst measuring cost-effectiveness Respond promptly in-hours to technical incidents Embrace automation and be reluctant for manual implementation Implement security best practices ensuring platform compliance with ISO27001, SOC2 and PCI-DSS Share knowledge with colleagues by writing technical documentation and leading training sessions Requirements Ideally you will be an inquisitive Infrastructure Engineer, with an aptitude for finding clean … gateways Excellent communication and problem-solving skills Desirably you will have: Understanding of database monitoring, analysis, disaster recovery and performance tuning Knowledge of security and compliance frameworks like ISO270001, SOC2 and PCI-DSS Understanding of networking and routing concepts (TCP/IP, VLANs, VPNs, BGP, etc) and preferably experience designing and establishing connectivity between AWS and on-premise locations The More ❯

base of operations here, in the UK, as an experienced GRC Information Security Analyst ? Do you have experience in the GRC Security space with audits, auditors, ISO27001, PCI DSS, SOC2, NIST & current compliance regulations? If so & you are looking to expand your information Security career, meet new team members, embrace new challenges & join a world-class team – we’d like … know what the role will entail, but see below for things we’ll need to see in order to be considered: - Knowledge and experience of ISO 27001, PCI DSS, SOC2, NIST and CIS benchmarking is essential. - Knowledge and experience achieving and maintaining compliance with relevant legislation, such as DPA, GDPR - Knowledge of cloud environments (AWS, Azure) & Windows, &/or Linux More ❯

base of operations here, in the UK, as an experienced GRC Information Security Analyst Do you have experience in the GRC Security space with audits, auditors, ISO27001, PCI DSS, SOC2, NIST & current compliance regulations? If so & you are looking to expand your information Security career, meet new team members, embrace new challenges & join a world-class team – we’d like … know what the role will entail, but see below for things we’ll need to see in order to be considered: - Knowledge and experience of ISO 27001, PCI DSS, SOC2, NIST and CIS benchmarking is essential. - Knowledge and experience achieving and maintaining compliance with relevant legislation, such as DPA, GDPR - Knowledge of cloud environments (AWS, Azure) & Windows, &/or Linux More ❯

and contribute to cutting-edge technology solutions while supporting their IT operations.About you * Degree in Computer Science, Engineering, or a related technical field from a top university (First or 2:1).* Strong knowledge of Windows and macOS environments.* Familiarity with Microsoft 365 or Google Workspace.* Basic understanding of networking (TCP/IP, DNS, DHCP, VPN).* Excellent communication … Knowledge of Active Directory, Azure AD, or Intune.* Basic scripting skills (PowerShell, Bash, Python).* Experience with ticketing systems (Jira, Zendesk, Freshservice).* Awareness of security best practices (ISO27001, SOC2).What Can you expect to be doing? * Act as the first point of contact for IT support queries via email, chat, or ticketing system.* Diagnose and resolve hardware, software, and … list for this position. Keywords Windows, macOS, Office 365, Google Workspace, Active Directory, Azure AD, Intune, TCP/IP, DNS, DHCP, VPN, PowerShell, Bash, Python, Jira, Zendesk, Freshservice, ISO27001, SOC2, IT Support, Helpdesk, Troubleshooting, Hardware, Software, Networking, Ticketing Systems. More ❯

contribute to cutting-edge technology solutions while supporting their IT operations. About you * Degree in Computer Science, Engineering, or a related technical field from a top university (First or 2:1). * Strong knowledge of Windows and macOS environments. * Familiarity with Microsoft 365 or Google Workspace. * Basic understanding of networking (TCP/IP, DNS, DHCP, VPN). * Excellent communication … Knowledge of Active Directory, Azure AD, or Intune. * Basic scripting skills (PowerShell, Bash, Python). * Experience with ticketing systems (Jira, Zendesk, Freshservice). * Awareness of security best practices (ISO27001, SOC2). What Can you expect to be doing? * Act as the first point of contact for IT support queries via email, chat, or ticketing system. * Diagnose and resolve hardware, software … list for this position. Keywords Windows, macOS, Office 365, Google Workspace, Active Directory, Azure AD, Intune, TCP/IP, DNS, DHCP, VPN, PowerShell, Bash, Python, Jira, Zendesk, Freshservice, ISO27001, SOC2, IT Support, Helpdesk, Troubleshooting, Hardware, Software, Networking, Ticketing Systems. More ❯