1 to 25 of 48 Permanent SOC 2 Jobs in London

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based in our dog‐friendly office in London: The Bower, 207‐122, Old Street, London EC1V … 9NR. What you’ll own Audits and certifications Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year Serve as the main point of contact for external auditors—scoping, evidence, walkthroughs, findings Maintain HIPAA and ISO 27001 compliance between recertifications Compliance operations ...

Define and own the GRC programme, including the ISMS, policy framework, risk registers, and audit readiness Implement and maintain compliance with ISO 27001, SOC 1, SOC 2, NIST CSF, GDPR, and relevant financial services regulations Understand the GRC landscape, implement appropriate controls, and adapt as the threat … progressive experience in information security, with at least 3 years in a senior or leadership role Hands‐on experience owning ISO 27001 and SOC 1 and SOC 2 programmes, not just supporting them Demonstrated experience managing security incidents end‐to‐end, including client and regulatory communications Strong ...

Lead structured pilots with signed mutual action plans, clear success criteria, and measurable exit criteria before they start. Navigate enterprise procurement end-to-end: SOC 2, DPAs, MSAs, redlines, and vendor security reviews. Feed tight feedback loops to product and engineering on objections, competitive context, and pilot learnings. … Comfortable selling to and holding conversations with deeply technical buyers (engineering, AI/ML, security teams). Experience navigating enterprise security and compliance procurement (SOC 2, DPAs, MSAs). Startup experience (Seed–Series B) — you thrive in ambiguity and can iterate fast. Tech stack at company : Voice ...

group-level data capability is live with a published catalog and cross-divisional SLAs. Regulatory & Cost Control: Engineering consistently hits all MiCA, DORA, and SOC 2 milestones while managing cloud and vendor spend against clear business-unit baselines. Key Responsibilities Engineering Delivery & Cadence: Run day-to-day global … group data pipelines and governance. Cybersecurity Execution & Compliance: Own the on-the-ground execution of The Company’s security and regulatory commitments (MiCA, DORA, SOC 2). Foster a "controls-by-design" engineering culture while respecting regulated divisional information walls. Talent, Budget & Scale: Manage the global engineering budget ...

and operational runbooks Manage secrets, key custody, access controls, and infrastructure governance Deliver backup, disaster recovery, and business continuity strategies Drive compliance readiness for SOC 2, ISO 27001, and regulatory audits Partner with software engineering teams to ensure applications are secure, observable, and production-ready Lead infrastructure migration … taking systems from early‐stage development through to secure production deployment Strong background in cloud infrastructure, automation, and operational security Experience supporting or leading SOC 2 Type II and/or ISO 27001 programmes Strong documentation and communication skills with the ability to create clear technical and compliance ...

native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC 2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and … infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC 2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management ...

improve processes, thrive without rigid playbooks. Comfortable operating in scale-up environments where customer needs inform product direction. Security & Compliance Acumen: Understand security requirements, SOC 2/ISO 27001, data residency, audit logging, encryption. Trusted conduit between Sales and Technology - able to articulate product capabilities on security RFPs … task management, audit trails, reporting), how they integrate with risk management systems, and typical architecture patterns in Financial Services and Payments. Security Concepts: Understand SOC 2/ISO 27001, data residency and sovereignty, encryption at-rest/in-transit, audit logging, and role-based access control. Troubleshooting Mindset ...

business Supporting onboarding and offboarding processes Ensuring internal systems remain secure and compliant Working alongside external consultants certification projects such as IS27001/SOC 2 Providing technical information, documentation and evidence throughout the audit process Identifying opportunities to improve internal processes, security and efficiency What we're looking … environments Good understanding of cyber security best practices and access management Experience supporting security audits, compliance programmes or certifications such as ISO 27001 or SOC 2 A proactive and self sufficient approach Strong communication skills with the ability to support both technical and non technical users Why join ...

CIRO's deputy on compliance matters. What you'll do Own Beam's certification portfolio end‐to‐end including ISO 27001, SOC 2 Type II, HIPAA, NHS DSPT, Cyber Essentials, GDPR and more, from planning and evidence to audit liaison and renewals. Three further ISO standards land March … setting the standard across Trust & Safety. What you'll need Personal ownership of a multi‐framework certification portfolio in B2B SaaS - ISO 27001 or SOC 2 minimum, ideally with Cyber Essentials and a health or public‐sector framework (NHS DSPT, HIPAA). You've run audits, evidence, and ...

and Docker environments Data Loss Prevention (DLP) and SaaS security governance. Advanced detection engineering or SOAR playbook development. Experience supporting ISO 27001 or SOC 2 audits. Relevant certifications (e.g. CISSP, CISM, GIAC). Workplace & Benefits At Deliveroo we know that people are the heart of the business and ...

depth strategies.**Knowledge of Standards:*** Strong knowledge of relevant security standards and frameworks such as NIST, ISO 27001, CSA CCM, MITRE ATT&CK, SOC2 and OWASP.**Communication Skills:*** Ability to articulate technical risks and architectural decisions to both technical and non-technical audiences.**Certifications:*** Architectural qualifications (e.g., SABSA, TOGAF ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

Senior Security & Compliance Architect London/Hybrid (1–2 days onsite per week) Salary: Up to £140,000 + Package We are seeking a Senior Security & Compliance Architect to lead the design, governance, and assurance of secure cloud and SaaS platforms across large-scale enterprise transformation programmes. This … platforms Design and implement data protection controls including classification, DLP, encryption, retention, and access policies Interpret and implement compliance requirements including GDPR, ISO 27001, SOC 2, and client security obligations Lead SaaS/vendor security assurance, including risk assessments, architecture reviews, and due diligence Support incident response, resilience ...

microservices, etc.) and evaluate new technologies that can drive business value.Risk & Compliance : Oversee technical risk management, data privacy, security standards, and regulatory compliance (SOC2, GDPR, HIPAA, etc. as applicable).Budget & Operations : Manage the engineering budget, vendor relationships, and infrastructure costs. Optimize resource allocation across projects and initiatives.Cross-functional Collaboration ...

microservices, etc.) and evaluate new technologies that can drive business value. Risk & Compliance: Oversee technical risk management, data privacy, security standards, and regulatory compliance (SOC2, GDPR, HIPAA, etc. as applicable). Budget & Operations: Manage the engineering budget, vendor relationships, and infrastructure costs. Optimize resource allocation across projects and initiatives. Cross ...

accurately. 7. Governance, Standards & Compliance Working knowledge of NIST CSF, ISO 27001, CIS Benchmarks, GDPR and SOC2. Ability to embed governance in cloud and SOC engineering processes. 8. Leadership & Cross‐Functional Collaboration Experience guiding and developing engineering teams. Strong communication, stakeholder management, and ability to influence global cyber defence ...

services, banking, or payments. Experience in InfoSec and Cyber Security. Experience setting up policies and processes in InfoSec area. Familiarity with PCI-DSS, ISO27001, SOC 2/3 or other global standards. Familiarity with regulatory requirements (DORA, PCI-DSS, PSD2, GDPR). Understanding of agile development processes and ...

security controls. Experience supporting risk assessments, audits, compliance reviews, or control testing activities. Knowledge of security and compliance frameworks such as ISO 27001, NIST, SOC2, or GDPR. Ability to analyse technical risks and communicate findings clearly to technical and non-technical stakeholders. Desirable: Experience within financial services, FinTech, or other ...

regulatory landscape relevant to digital asset custody and trading (for example FCA, FINMA, FSRA/ADGM, MiCA). Compliance familiarity across ISO 27001, SOC 2, and NIST CSF/800‐53, with the ability to map controls cleanly between them. Enterprise architecture grounding (TOGAF, SABSA) where it complements ...

least privilege, and security hardening principles. Desirable Experience with Microsoft Sentinel, Splunk, Tenable, Qualys, or Defender TVM. Knowledge of NIST, ISO 27001, CIS, or SOC 2 frameworks. Familiarity with Azure Automation, Logic Apps, PKI, and certificate management. About You - You are a proactive and detail-oriented security professional ...

least privilege, and security hardening principles. Desirable Experience with Microsoft Sentinel, Splunk, Tenable, Qualys, or Defender TVM. Knowledge of NIST, ISO 27001, CIS, or SOC 2 frameworks. Familiarity with Azure Automation, Logic Apps, PKI, and certificate management. About You - You are a proactive and detail-oriented security professional ...

Information Security Engineer London (Barbican) | Hybrid Working (2 days per week onsite) £80,000 - £90,000 + 8% Bonus + Excellent Pension & Benefits * Must be eligible for UK Security Clearance * Are you an Information Security Engineer looking to work on technology that genuinely makes a difference This … security initiatives Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments What's On Offer? Salary ...

Information Security Engineer London (Barbican) | Hybrid Working (2 days per week onsite) £80,000 to £90,000 + 8% Bonus + Excellent Pension & Benefits * Must be eligible for UK Security Clearance * Are you an Information Security Engineer looking to work on technology that genuinely makes a difference This … security initiatives Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments What's On Offer? Salary ...