1 to 25 of 49 Permanent SOC 2 Jobs in London

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

Fractional CISO 2–3 days per week 1 day a week in London (City) Initial 3-month engagement (likely extension) Partnered with an AI-driven digital health startup that’s redefining care across the UK and US. As they scale commercially and prepare for continued US growth, they … whilst also getting deep into controls, engineering processes, access management and audit readiness. What you’ll be doing The immediate priority is leading the SOC 2 programme end-to-end, driving Type I readiness and laying the operational foundations for Type II. Crucially, the environment needs ...

secure practices across engineering and business teams. You’ll play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security … Type II audits, ensuring controls remain effective. Drive readiness for ISO/IEC 42001 AI certification Apply prior experience successfully obtaining ISO and SOC certifications Manage customer due diligence requests and run Definely’s SafeBase-powered Trust Center; streamline customer security questionnaires, DPAs, and RFP security sections. Product & Engineering ...

already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based in our dog friendly office in London: The Bower, 207 122, Old Street, London EC1V … What you’ll own/h3 h3 Audits and certifications/h3 ul li Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year/li li Serve as the main point of contact for external auditors scoping, evidence, walkthroughs, findings/ ...

things compliance, building structure where needed while keeping things pragmatic and lightweight. You’ll manage and evolve our existing frameworks (e.g. Cyber Essentials, SOC 2), lead on planning and implementing our compliance roadmap, and help us meet the requirements needed to work with Enterprise and Government customers alike. … and inform secure development practices. What you’ll do Own day‐to‐day compliance across the business, ensuring our existing frameworks (CE/CE+, SOC 2) are maintained without adding unnecessary overhead Lead the implementation of ISO 27001 from the ground up, shaping how it fits a small ...

external platform access Managing relationships with third-party security providers and ensuring recommendations are delivered effectively Supporting compliance initiatives across standards including ISO 27001, SOC 2 and NIST Acting as an escalation point for significant security incidents when required Driving security awareness and embedding best practice across … operational teams Hands-on scripting or automation experience using Python, Bash or similar tools Experience supporting audits, certifications and compliance frameworks including ISO 27001, SOC 2 and NIST Knowledge of security methodologies such as MITRE ATT&CK Excellent communication and stakeholder management skills Experience operating within high-growth ...

improve processes, thrive without rigid playbooks. Comfortable operating in scale-up environments where customer needs inform product direction. Security & Compliance Acumen: Understand security requirements, SOC 2/ISO 27001, data residency, audit logging, encryption. Trusted conduit between Sales and Technology - able to articulate product capabilities on security RFPs … task management, audit trails, reporting), how they integrate with risk management systems, and typical architecture patterns in Financial Services and Payments. Security Concepts: Understand SOC 2/ISO 27001, data residency and sovereignty, encryption at-rest/in-transit, audit logging, and role-based access control. Troubleshooting Mindset ...

market. The Network: Existing, verifiable relationships within the cybersecurity ecosystem are highly advantageous. GRC Literacy: A strong working understanding of framework compliance (SOC 2 Type I/II, ISO 27001) and emerging regulations (such as ISO 42001 or the EU AI Act). Autonomy: As our primary commercial … serve as the ultimate trusted advisor for organizations securing their digital frontiers guiding international companies through the complexities of 20+ regulatory frameworks including SOC 2, ISO 27001, ISO 42001, ISO 9001, HIPAA, and CMMC while providing elite Penetration Testing services to secure their tech stacks. We specialize ...

implementation of ISO 27001 while ensuring a pragmatic approach that fits the startup environment. The ideal candidate will have hands-on experience with SOC 2 and ISO 27001, strong communication skills, and the ability to work closely with technical teams. Valarian offers equity, a competitive salary, and ...

Code: Bridging the gap between technical execution and regulatory requirements. You will build the automated systems that provide real-time evidence for frameworks like SOC 2, ISO 27001 & PCI ensuring we stay compliant without manual overhead. The Team You will be a key member of our growing Security … building the systems that check them for you. Security as Code: Design and maintain custom security tooling in Go to automate evidence collection for SOC2/ISO 27001 and remediation of security alerts. Infrastructure & IAM: Write and peer-review Terraform to manage identity and core infrastructure across AWS and ...

This is a hybrid position. Expectation of days in the office will be confirmed by your Hiring Manager. Qualifications Experience of Security Operations Center (SOC) work experience with a Bachelor's degree. Experience in Cybersecurity or computer network defense role. Experience in operating and utilizing Security Information and Event … and related security best practices. Knowledge of OWASP (Open Web Application Security Project) Top Ten Risk Factors. Understanding orExperience working in an ISO27001/2, PC-DSS or SOC 2 environment. Visa is an EEO Employer Qualified applicants will receive consideration for employment without regard to race ...

looking for top-tier talent to join us on our journey and enable our next phase of success. Senior DevOps Engineer Novatus HQ - 2 London Wall Place, EC2Y 5AU Job Overview: As a Senior DevOps Engineer , you will scope and deliver complex infrastructure projects end-to-end, building and … firewalls/security groups, VPN/private connectivity, load balancers, and practical troubleshooting. Experience operating cloud infrastructure in regulated environments (e.g. GDPR, ISO 27001, SOC 2). Experience designing observability, monitoring, logging, and alerting solutions for distributed systems. Strong software engineering ability beyond basic scripting. Ideally someone ...

and Docker environments Data Loss Prevention (DLP) and SaaS security governance. Advanced detection engineering or SOAR playbook development. Experience supporting ISO 27001 or SOC 2 audits. Relevant certifications (e.g. CISSP, CISM, GIAC). Workplace & Benefits At Deliveroo we know that people are the heart of the business and ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

depth strategies.**Knowledge of Standards:*** Strong knowledge of relevant security standards and frameworks such as NIST, ISO 27001, CSA CCM, MITRE ATT&CK, SOC2 and OWASP.**Communication Skills:*** Ability to articulate technical risks and architectural decisions to both technical and non-technical audiences.**Certifications:*** Architectural qualifications (e.g., SABSA, TOGAF ...

accurately. 7. Governance, Standards & Compliance Working knowledge of NIST CSF, ISO 27001, CIS Benchmarks, GDPR and SOC2. Ability to embed governance in cloud and SOC engineering processes. 8. Leadership & Cross‐Functional Collaboration Experience guiding and developing engineering teams. Strong communication, stakeholder management, and ability to influence global cyber defence ...

Senior Security & Compliance Architect London/Hybrid (1–2 days onsite per week) Salary: Up to £140,000 + Package We are seeking a Senior Security & Compliance Architect to lead the design, governance, and assurance of secure cloud and SaaS platforms across large-scale enterprise transformation programmes. This … platforms Design and implement data protection controls including classification, DLP, encryption, retention, and access policies Interpret and implement compliance requirements including GDPR, ISO 27001, SOC 2, and client security obligations Lead SaaS/vendor security assurance, including risk assessments, architecture reviews, and due diligence Support incident response, resilience ...

platforms Design and implement data protection controls including classification, DLP, encryption, retention, and access policies Interpret and implement compliance requirements including GDPR, ISO 27001, SOC 2, and client security obligations Lead SaaS/vendor security assurance, including risk assessments, architecture reviews, and due diligence Support incident response, resilience ...

recruiting for a Security Analyst with Ivanti Neurons experience to join one of our Insurance clients on a 6-month contract. Inside IR35 Hybrid- 2 days a week onsite in Reigate Responsibilities: Support the day-to-day vulnerability and patch management operations using Ivanti Neurons, including discovery, risk assessment ...

platforms (Power BI, Looker) Enable predictive modelling and optimisation using modern ML toolkits Security, Compliance & Responsible AI Ensure alignment with enterprise security standards (SOC2, ISO27001, NIST) Champion explainability, bias mitigation, and ethical AI practices Leadership & Talent Build and lead high-performing global teams across AI, data, and automation Foster ...

services, banking, or payments. Experience in InfoSec and Cyber Security. Experience setting up policies and processes in InfoSec area. Familiarity with PCI-DSS, ISO27001, SOC 2/3 or other global standards. Familiarity with regulatory requirements (DORA, PCI-DSS, PSD2, GDPR). Understanding of agile development processes and ...

security controls. Experience supporting risk assessments, audits, compliance reviews, or control testing activities. Knowledge of security and compliance frameworks such as ISO 27001, NIST, SOC2, or GDPR. Ability to analyse technical risks and communicate findings clearly to technical and non-technical stakeholders. Desirable: Experience within financial services, FinTech, or other ...

microservices, etc.) and evaluate new technologies that can drive business value.Risk & Compliance : Oversee technical risk management, data privacy, security standards, and regulatory compliance (SOC2, GDPR, HIPAA, etc. as applicable).Budget & Operations : Manage the engineering budget, vendor relationships, and infrastructure costs. Optimize resource allocation across projects and initiatives.Cross-functional Collaboration ...

microservices, etc.) and evaluate new technologies that can drive business value. Risk & Compliance: Oversee technical risk management, data privacy, security standards, and regulatory compliance (SOC2, GDPR, HIPAA, etc. as applicable). Budget & Operations: Manage the engineering budget, vendor relationships, and infrastructure costs. Optimize resource allocation across projects and initiatives. Cross ...