19 of 19 Permanent SOC 2 Jobs in London

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Enable product, data, and …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

City of London - Hybrid Working Responsibilities: - Plan, lead, and deliver a diverse portfolio of IT Assurance and Consulting engagements, including IT External Audit Support, SOC 1 & SOC 2 Attestations, IT Internal Audit Reviews, Regulatory Compliance Assessments, and Operational Resilience evaluations, ensuring quality delivery within scope, time, and … actionable recommendations for management and governance stakeholders. Required Skills/Experience: - Strong understanding of ISA 315/330/402 - Experience delivering IT Assurance, SOC 1 & 2, and IT Internal Audit engagements. - Proficient in testing ITGCs, ITACs, and IPEs across varied system environments. - Sound knowledge of ERP systems ...

Prometheus, Grafana, ELK, etc.). Strong communication skills and the ability to collaborate across engineering teams. Knowledge of compliance/security frameworks (PCI DSS, SOC2, ISO, GDPR). Experience with microservices and serverless environments. Familiarity with SQL/NoSQL databases. Proven ability to lead technical initiatives in complex environments. Location ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

City of London - Hybrid Working Responsibilities: - Plan, lead, and deliver a diverse portfolio of IT Assurance and Consulting engagements, including IT External Audit Support, SOC 1 & SOC 2 Attestations, IT Internal Audit Reviews, Regulatory Compliance Assessments, and Operational Resilience evaluations, ensuring quality delivery within scope, time, and ...

City of London - Hybrid Working Responsibilities: - Plan, lead, and deliver a diverse portfolio of IT Assurance and Consulting engagements, including IT External Audit Support, SOC 1 & SOC 2 Attestations, IT Internal Audit Reviews, Regulatory Compliance Assessments, and Operational Resilience xxuwjjq evaluations, ensuring quality delivery within scope, time ...

Defender for Cloud, encryption using Azure Key Vault, network security with NSGs and Azure Firewall, Azure Policy for governance, and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience conducting security assessments using Microsoft Secure Score, implementing security hardening, and responding to security incidents. Backup & Disaster Recovery - Experience ...

reviews using TOGAF . Delivery of IT risk and control reviews, including cloud security assessments. Leadership of independent IT attestation services (e.g., ISAE 3402 , SOC 2 , SWIFT CSP , PCI DSS ). Experience reviewing cloud platforms (Azure, AWS, GCP) — including architecture, privileged access, FinOps, and resilience. Assessment of DevOps ...

Senior Security Risk Specialist – Contract Location - London (Hybrid – 2 days onsite in Bank) Term: 6 months Rate: £650 per day (Inside iR35) We’re looking for a Senior Security Risk Specialist to support a technology company’s Security Risk Management function. Reporting to the Head of Security Risk & Assurance … background in security risk management within tech or regulated environments Cloud security risk assessment experience (AWS experience a must) Familiarity with ISO 27001, NIST, SOC 2, PCI-DSS Comfortable engaging technical and non-technical stakeholders GRC tooling experience, consulting background, CISM/CRISC/CISSP This ...

security architecture. * Expertise across cloud platforms: Microsoft Azure, AWS, GCP. * Experience with hybrid and on-premise security models. * Understanding of ISO 27001, NIST, SOC 2, CIS Controls. Cloud Security Technologies & Platforms * Microsoft Defender for Cloud, AWS Security Hub, GuardDuty, GCP Security Command Center. * Microsoft Sentinel, AWS CloudTrail, Config ...

fullstack context): React, TypeScript, Vite, Next.js Bonus familiarity: Graph databases and GraphML for relationship modelling .NET for legacy integration or specific tooling Cyber Security SOC2/CE+/Regulatory experience What Success Looks Like (First 12 Months) Core backend services and infrastructure are more scalable, reliable and observable Clear architectural ...

either Consulting/Industry within a technology risk environment Led IT Architecture using the TOGAF framework Led & executed independent IT attestation services - i.e. ISAE3402, SOC2, SWIFT CSP audits and PCI DSS audits Experience in review of Cloud Platforms - Azure, AWS and GCP. Familiar with Cloud Architecture, Management Groups, Privileged Access ...

governance, risk & compliance) or supply-chain risk management. Familiarity with third-party/vendor risk management platforms and frameworks (e.g., NIST, ISO 27001, SOC2, supply-chain risk standards). Understanding of machine-learning/AI concepts (e.g., risk-scoring models, graph analytics, anomaly detection). Experience working with enterprise ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...

ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2) Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ...

Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years’ experience … analytics, baselines and security automation Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments ...

trusted point of contact Translate technology and IT risks into clear financial and business impacts for clients and stakeholders Support and contribute to SOC engagements (experience desirable) Champion audit quality, risk management, and best practice across the team Contribute to the development of new service offerings, including AI Assurance … manage multiple engagements and stakeholders Confidence working independently and taking ownership Strong understanding of ISA 315/330/402 Experience delivering IT Assurance, SOC 1 & 2, and IT Internal Audit engagements. Proficient in testing ITGCs, ITACs, and IPEs across varied system environments. Sound knowledge of ERP systems ...

other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell … other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell ...

Financial Accountant – Growing SaaS Business (Private Equity Backed) Location: Central London (Hybrid – 2–3 days office)Salary: Circa £75k + benefits Job Type: Full-time, Permanent The role:An exciting opportunity has arisen for a Financial Accountant to join a high growth, PE-backed SaaS company headquartered in London … consumption tax reconciliations Support EU invoicing and VAT queries Work on R&D tax credits and transfer pricing Manage various finance admin tasks (e.g. SOC2 compliance, insurance, ONS surveys) Act as a point of contact for Private Equity stakeholder reporting About You: ACA/ACCA qualified, ideally qualified in practice ...