1 to 25 of 39 Permanent SOC 2 Jobs in London

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. … real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ISO 27001 readiness. Administer compliance platforms like Drata. DevSecOps: Collaborate with Engineering and IT to integrate security ...

already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based in our dog‐friendly office in London: The Bower, 207‐122, Old Street, London EC1V … 9NR. What you’ll own Audits and certifications Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year Serve as the main point of contact for external auditors—scoping, evidence, walkthroughs, findings Maintain HIPAA and ISO 27001 compliance between recertifications Compliance operations ...

Doing Design, build, and maintain scalable cloud infrastructure to support rapid product growth Own DevOps, observability, and reliability across the platform Prepare systems for SOC 2/ISO 27001 audit readiness Build and manage CI/CD pipelines across backend, frontend, and data services Implement logging, metrics, tracing … platform, infrastructure, or DevOps engineering Startup or high-growth environment experience strongly preferred Proven ownership of infrastructure end-to-end Experience with compliance frameworks (SOC 2, ISO 27001, GDPR) Track record of balancing scale, reliability, and cost efficiency What You Can Expect A challenging, fast-moving environment where ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Manage internet-facing architecture …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

Concourse, CircleCI) Familiarity with maintaining HIDS systems (Wazuh preferred). NICE TO HAVE Knowledge of security standards and governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them. Hands-on experience with building and maintaining a SIEM comprised of open-source and hosted components ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

and oral communication skills, and ability to assimilate easily into teams Strong technical skills and a working knowledge of SOX IT General Controls, COSO, SOC 1, and SOC 2 Awareness of ISO 27001, GDPR, and other relevant standards Effective analytical and critical thinking abilities Entrepreneurial nature, self ...

cloud security and compliance Own platform‐level security decisions and risk mitigation Ensure secure‐by‐design infrastructure and access controls Support compliance initiatives (SOC 2, ISO:27001) Leadership & Team Development Lead and mentor the DevOps team including DevOps engineers, IT Support and an Information Security Officer Provide technical ...

lifecycle, cipher policy, and mTLS where used. · Support security audits, vulnerability management, patch cycles, and incident response. · Maintain alignment with relevant frameworks (ISO 27001, SOC 2, GDPR, PCI-DSS as applicable). Monitoring, Observability & Incident Response · Maintain monitoring and alerting across the stack (Prometheus, Grafana, CloudWatch, Zabbix, HOMER ...

secure-by-design practices, ensuring data protection, and conducting regular threat modelling and reviews. Standards Compliance : Ensure engineering practices and systems comply with ISO27001, SOC2, and other relevant standards. Budget & Reporting : Participate in budget planning and reviews relating to engineering requirements. Stakeholder Reporting : Report regularly to senior management on team … security into the SDLC. Testing & quality : strong background in automated testing (unit, integration, regression) and building for reliability. Essential Experience (Other) Scale-up journey : 2-3 years of experience in a senior role with a SaaS company @ $5-20m ARR, ideally as part of a scaling journey. Data ...

equivalent; conditional access policy design and implementation o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation o Red team, adversarial simulation, or penetration testing programme design - experience ...

equivalent; conditional access policy design and implementation o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation o Red team, adversarial simulation, or penetration testing programme design - experience ...

having been in the room when something went wrong Knowledge of common security frameworks and standards (e.g. NCSC Cyber Essentials, ISO 27001, NIST, SOC 2) Highly Desirable ISO 27001 Lead Implementer or Lead Auditor certification, or hands‐on experience leading an ISO 27001 certification programme Experience ...

networking (VPNs, firewalls, routing, VLANs, etc.) Experience with automation/IaC tools (Terraform, scripting) Exposure to security best practices and regulated environments (ISO 27001, SOC2, etc.) Previous team leadership or mentoring experience A proactive, problem-solving mindset with the ability to take ownership 🎯 Why join? High level of ownership and ...

rapid product growth. Own DevOps and platform engineering practices, enabling teams to deploy quickly and safely. Prepare and maintain audit-ready infrastructure aligned with SOC 2 and ISO 27001 expectations. Build and evolve CI/CD pipelines across backend, frontend, and data services. Implement observability across logging, metrics ...

large, distributed teams in matrix environments. Strong communication, presentation, and influencing skills. Experience working with recognised security and compliance frameworks, including, GDPR, ISO 27001, SOC 2 & NIST. Certifications including SC-100, SC-200 and SC- 401, CISSP, CISM, CCSP, GIAC are highly desirable. ...

platforms Enable predictive modelling and optimisation to support strategic decision-making Security, Compliance & Responsible AI Ensure alignment with enterprise security and risk frameworks (SOC2, ISO27001, NIST) Champion ethical AI, explainability, and bias mitigation across all AI initiatives Work closely with risk, legal, and compliance teams in a highly governed environment ...

Previous VP Engineering experience. Experience in a scale-up or high-growth environment. Knowledge of AI/ML integration in product development. Familiarity with SOC 2, ISO 27001, and GDPR compliance. Background in SaaS, fintech, or enterprise software. Experience customising Trading Systems (e.g., Calypso). Advanced degree ...

this one's for you. What You'll Own Design, build, and evolve our cloud infrastructure to keep pace with rapid product growth Lead SOC 2/ISO 27001 audit preparation, turning compliance into a competitive advantage Build and maintain robust CI/CD pipelines across backend, frontend ...

Infrastructure as Code (Terraform or CloudFormation) Proven experience leading cloud migration strategies and implementations Strong understanding of cloud security and compliance frameworks (e.g. CIS, SOC2) Experience with DevOps tooling (e.g. Git, Jenkins, Docker, Kubernetes) Ability to work in fast-paced, client-facing environments Desirable: Multi-cloud experience (AWS, Azure ...

multi-tenant SaaS, Postgres at scale, AWS or GCP, and an identity provider such as Auth0 · Comfort with at least one regulated environment — PCI, SOC 2, ISO 27001, FCA, MiFID II, or peer · Career-level English and the ability to write in an institutional register — documentation matters here … Cohere infrastructure alumni. Marketplace experience with payments and payouts a plus. Stack. Python 3.12 · Django 5 · Postgres 16 · React 18 · AWS eu-west-2 · Auth0 · Stripe · Onfido · Vanta · GitHub Actions · Terraform. — What this is not — · Not a remote-only role. We expect London presence, with hybrid flexibility. ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...

Strong executive communication and stakeholder management skills Experience leading and scaling teams within a consulting environment Knowledge of security frameworks (e.g. GDPR, NIST, ISO27001, SOC2) You will gain exposure with: Enterprise-scale Microsoft Security transformation programmes Strategic collaboration across global Microsoft-focused teams Design and delivery of managed security services ...

solutions. • Stakeholder Management: Exceptional executive presence, with experience advising public-sector and Fortune-level clients. • Governance & Compliance: Deep understanding of GDPR/UK GDPR, SOC2, ISO27001, and ethical-AI frameworks. Preferred Qualifications • Certifications: Azure Solutions Architect Expert, CISSP, or equivalent. • Experience with AI policy bodies, standards organizations, or government advisory ...