1 to 25 of 35 Permanent SOC 2 Jobs in London

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. … real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ISO 27001 readiness. Administer compliance platforms like Drata. DevSecOps: Collaborate with Engineering and IT to integrate security ...

Doing Design, build, and maintain scalable cloud infrastructure to support rapid product growth Own DevOps, observability, and reliability across the platform Prepare systems for SOC 2/ISO 27001 audit readiness Build and manage CI/CD pipelines across backend, frontend, and data services Implement logging, metrics, tracing … platform, infrastructure, or DevOps engineering Startup or high-growth environment experience strongly preferred Proven ownership of infrastructure end-to-end Experience with compliance frameworks (SOC 2, ISO 27001, GDPR) Track record of balancing scale, reliability, and cost efficiency What You Can Expect A challenging, fast-moving environment where ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Manage internet-facing architecture …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

Concourse, CircleCI) Familiarity with maintaining HIDS systems (Wazuh preferred). NICE TO HAVE Knowledge of security standards and governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them. Hands-on experience with building and maintaining a SIEM comprised of open-source and hosted components ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

Experience securing cloud environments such as AWS, GCP, and/or Azure. Knowledge of security and IT frameworks such as NIST CSF, ISO 27001, SOC2, PCI-DSS. Experience using ASANA or any project management tools including creating integrations for reporting purposes. Experience in information security and IT practices around services ...

cloud security and compliance Own platform‐level security decisions and risk mitigation Ensure secure‐by‐design infrastructure and access controls Support compliance initiatives (SOC 2, ISO:27001) Leadership & Team Development Lead and mentor the DevOps team including DevOps engineers, IT Support and an Information Security Officer Provide technical ...

lifecycle, cipher policy, and mTLS where used. · Support security audits, vulnerability management, patch cycles, and incident response. · Maintain alignment with relevant frameworks (ISO 27001, SOC 2, GDPR, PCI-DSS as applicable). Monitoring, Observability & Incident Response · Maintain monitoring and alerting across the stack (Prometheus, Grafana, CloudWatch, Zabbix, HOMER ...

secure-by-design practices, ensuring data protection, and conducting regular threat modelling and reviews. Standards Compliance : Ensure engineering practices and systems comply with ISO27001, SOC2, and other relevant standards. Budget & Reporting : Participate in budget planning and reviews relating to engineering requirements. Stakeholder Reporting : Report regularly to senior management on team … security into the SDLC. Testing & quality : strong background in automated testing (unit, integration, regression) and building for reliability. Essential Experience (Other) Scale-up journey : 2-3 years of experience in a senior role with a SaaS company @ $5-20m ARR, ideally as part of a scaling journey. Data ...

platforms (Power BI, Looker) Enable predictive modelling and optimisation using modern ML toolkits Security, Compliance & Responsible AI Ensure alignment with enterprise security standards (SOC2, ISO27001, NIST) Champion explainability, bias mitigation, and ethical AI practices Leadership & Talent Build and lead high-performing global teams across AI, data, and automation Foster ...

embedding data protection controls, classification schemes, DLP, retention, and encryption standards. Interpreting and implementing global compliance requirements (e.g., UK/EU GDPR, ISO 27001, SOC 2, client security clauses). Supporting SaaS and vendor security due diligence, including design reviews, compliance checks, and risk assessments. Supporting creation ...

equivalent; conditional access policy design and implementation o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation o Red team, adversarial simulation, or penetration testing programme design - experience ...

equivalent; conditional access policy design and implementation o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation o Red team, adversarial simulation, or penetration testing programme design - experience ...

having been in the room when something went wrong Knowledge of common security frameworks and standards (e.g. NCSC Cyber Essentials, ISO 27001, NIST, SOC 2) Highly Desirable ISO 27001 Lead Implementer or Lead Auditor certification, or hands‐on experience leading an ISO 27001 certification programme Experience ...

participating in technical assessments in direct support of a major compliance effort (e.g. ISO 27001, ISO 22301, ISO 27701, ISO 9001, PCI, SOC1/SOC 2, HITRUST) - Experience in services oriented architecture (SOA) hosted on cloud native infrastructure. Excellent communication, work prioritization and analytical skills. Result oriented, high ...

networking (VPNs, firewalls, routing, VLANs, etc.) Experience with automation/IaC tools (Terraform, scripting) Exposure to security best practices and regulated environments (ISO 27001, SOC2, etc.) Previous team leadership or mentoring experience A proactive, problem-solving mindset with the ability to take ownership 🎯 Why join? High level of ownership and ...

rapid product growth. Own DevOps and platform engineering practices, enabling teams to deploy quickly and safely. Prepare and maintain audit-ready infrastructure aligned with SOC 2 and ISO 27001 expectations. Build and evolve CI/CD pipelines across backend, frontend, and data services. Implement observability across logging, metrics ...

audit program. • Management of the internal security policy and standards review process, ensuring these are aligned and support compliance with ISO 27001, PCI-DSS, SOC2 and any other certifications required by the business or our customers. • Completion of presales security questionnaires and supporting associated enquiries, maintaining an FAQ audit database … understanding of physical and information security requirements in the data centre environment • A sound knowledge of ISO 27001, PCI DSS and ISAE/SSAE SOC 2 certification & audit processes. • Internal and external audit experience, preferably in a security or data centre discipline • A high level of IT user ...

Previous VP Engineering experience. Experience in a scale-up or high-growth environment. Knowledge of AI/ML integration in product development. Familiarity with SOC 2, ISO 27001, and GDPR compliance. Background in SaaS, fintech, or enterprise software. Experience customising Trading Systems (e.g., Calypso). Advanced degree ...

this one's for you. What You'll Own Design, build, and evolve our cloud infrastructure to keep pace with rapid product growth Lead SOC 2/ISO 27001 audit preparation, turning compliance into a competitive advantage Build and maintain robust CI/CD pipelines across backend, frontend ...

Infrastructure as Code (Terraform or CloudFormation) Proven experience leading cloud migration strategies and implementations Strong understanding of cloud security and compliance frameworks (e.g. CIS, SOC2) Experience with DevOps tooling (e.g. Git, Jenkins, Docker, Kubernetes) Ability to work in fast-paced, client-facing environments Desirable: Multi-cloud experience (AWS, Azure ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...

team, within tight timescales, to budget and a high level of quality. * Experience preparing, supporting, or auditing certification audits (e.g., ISO 27001, SOC 2, Cyber Essentials) Cyber Security Auditor In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment ...

Experience implementing MFA, SSO, IGA and PAM solutions. Delivery across global organisations. Knowledge of security frameworks and standards (ISO 27001, NIST CSF, CIS, GDPR, SOC 2, IEC62443). Strong governance, risk and stakeholder management capability. Core Skills Programme leadership with strong commercial and budget oversight. Ability to influence ...