1 to 25 of 33 Permanent SOC 2 Jobs in London

secure practices across engineering and business teams. You’ll play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security … Type II audits, ensuring controls remain effective. Drive readiness for ISO/IEC 42001 AI certification Apply prior experience successfully obtaining ISO and SOC certifications Manage customer due diligence requests and run Definely’s SafeBase-powered Trust Center; streamline customer security questionnaires, DPAs, and RFP security sections. Product & Engineering ...

already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based in our dog friendly office in London: The Bower, 207 122, Old Street, London EC1V … What you’ll own/h3 h3 Audits and certifications/h3 ul li Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year/li li Serve as the main point of contact for external auditors scoping, evidence, walkthroughs, findings/ ...

Lead structured pilots with signed mutual action plans, clear success criteria, and measurable exit criteria before they start. Navigate enterprise procurement end-to-end: SOC 2, DPAs, MSAs, redlines, and vendor security reviews. Feed tight feedback loops to product and engineering on objections, competitive context, and pilot learnings. … Comfortable selling to and holding conversations with deeply technical buyers (engineering, AI/ML, security teams). Experience navigating enterprise security and compliance procurement (SOC 2, DPAs, MSAs). Startup experience (Seed–Series B) — you thrive in ambiguity and can iterate fast. Tech stack at company : Voice ...

group-level data capability is live with a published catalog and cross-divisional SLAs. Regulatory & Cost Control: Engineering consistently hits all MiCA, DORA, and SOC 2 milestones while managing cloud and vendor spend against clear business-unit baselines. Key Responsibilities Engineering Delivery & Cadence: Run day-to-day global … group data pipelines and governance. Cybersecurity Execution & Compliance: Own the on-the-ground execution of The Company’s security and regulatory commitments (MiCA, DORA, SOC 2). Foster a "controls-by-design" engineering culture while respecting regulated divisional information walls. Talent, Budget & Scale: Manage the global engineering budget ...

group-level data capability is live with a published catalog and cross-divisional SLAs. Regulatory & Cost Control: Engineering consistently hits all MiCA, DORA, and SOC 2 milestones while managing cloud and vendor spend against clear business-unit baselines. Key Responsibilities Engineering Delivery & Cadence: Run day-to-day global … group data pipelines and governance. Cybersecurity Execution & Compliance: Own the on-the-ground execution of The Company’s security and regulatory commitments (MiCA, DORA, SOC 2). Foster a "controls-by-design" engineering culture while respecting regulated divisional information walls. Talent, Budget & Scale: Manage the global engineering budget ...

improve processes, thrive without rigid playbooks. Comfortable operating in scale-up environments where customer needs inform product direction. Security & Compliance Acumen: Understand security requirements, SOC 2/ISO 27001, data residency, audit logging, encryption. Trusted conduit between Sales and Technology - able to articulate product capabilities on security RFPs … task management, audit trails, reporting), how they integrate with risk management systems, and typical architecture patterns in Financial Services and Payments. Security Concepts: Understand SOC 2/ISO 27001, data residency and sovereignty, encryption at-rest/in-transit, audit logging, and role-based access control. Troubleshooting Mindset ...

business Supporting onboarding and offboarding processes Ensuring internal systems remain secure and compliant Working alongside external consultants certification projects such as IS27001/SOC 2 Providing technical information, documentation and evidence throughout the audit process Identifying opportunities to improve internal processes, security and efficiency What we're looking … environments Good understanding of cyber security best practices and access management Experience supporting security audits, compliance programmes or certifications such as ISO 27001 or SOC 2 A proactive and self sufficient approach Strong communication skills with the ability to support both technical and non technical users Why join ...

looking for top-tier talent to join us on our journey and enable our next phase of success. Senior DevOps Engineer Novatus HQ - 2 London Wall Place, EC2Y 5AU Job Overview: As a Senior DevOps Engineer , you will scope and deliver complex infrastructure projects end-to-end, building and … firewalls/security groups, VPN/private connectivity, load balancers, and practical troubleshooting. Experience operating cloud infrastructure in regulated environments (e.g. GDPR, ISO 27001, SOC 2). Experience designing observability, monitoring, logging, and alerting solutions for distributed systems. Strong software engineering ability beyond basic scripting. Ideally someone ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

Senior Security & Compliance Architect London/Hybrid (1–2 days onsite per week) Salary: Up to £140,000 + Package We are seeking a Senior Security & Compliance Architect to lead the design, governance, and assurance of secure cloud and SaaS platforms across large-scale enterprise transformation programmes. This … platforms Design and implement data protection controls including classification, DLP, encryption, retention, and access policies Interpret and implement compliance requirements including GDPR, ISO 27001, SOC 2, and client security obligations Lead SaaS/vendor security assurance, including risk assessments, architecture reviews, and due diligence Support incident response, resilience ...

security controls. Experience supporting risk assessments, audits, compliance reviews, or control testing activities. Knowledge of security and compliance frameworks such as ISO 27001, NIST, SOC2, or GDPR. Ability to analyse technical risks and communicate findings clearly to technical and non-technical stakeholders. Desirable: Experience within financial services, FinTech, or other ...

least privilege, and security hardening principles. Desirable Experience with Microsoft Sentinel, Splunk, Tenable, Qualys, or Defender TVM. Knowledge of NIST, ISO 27001, CIS, or SOC 2 frameworks. Familiarity with Azure Automation, Logic Apps, PKI, and certificate management. About You - You are a proactive and detail-oriented security professional ...

Information Security Engineer London (Barbican) | Hybrid Working (2 days per week onsite) £80,000 - £90,000 + 8% Bonus + Excellent Pension & Benefits * Must be eligible for UK Security Clearance * Are you an Information Security Engineer looking to work on technology that genuinely makes a difference This … security initiatives Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments What's On Offer? Salary ...

Information Security Engineer London (Barbican) | Hybrid Working (2 days per week onsite) £80,000 - £90,000 + 8% Bonus + Excellent Pension & Benefits * Must be eligible for UK Security Clearance * Are you an Information Security Engineer looking to work on technology that genuinely makes a difference? This … security initiatives Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments What's On Offer? Salary ...

Information Security Engineer London (Barbican) | Hybrid Working (2 days per week onsite) £80,000 to £90,000 + 8% Bonus + Excellent Pension & Benefits * Must be eligible for UK Security Clearance * Are you an Information Security Engineer looking to work on technology that genuinely makes a difference This … security initiatives Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments What's On Offer? Salary ...

Information Security Engineer London (Barbican) | Hybrid Working (2 days per week onsite) £80,000 to £90,000 + 8% Bonus + Excellent Pension & Benefits * Must be eligible for UK Security Clearance * Are you an Information Security Engineer looking to work on technology that genuinely makes a difference? This … security initiatives Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments What's On Offer? Salary ...

London CityRole SummaryTheSecurity Awareness Lead is responsible for developing, delivering, andContinuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000+ users. This roleEnsures employees, contractors, and partners understand their securityResponsibilities, make secure decisions, and actively contribute to a strongSecurity culture.The ideal candidate … regions and business units. Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness. Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions. 4. Stakeholder Engagement Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads. Influence senior stakeholders ...

more GRC technology platforms (OneTrust, ServiceNow GRC, Archer, MetricStream, or similar). Familiarity with widely used GRC frameworks and standards (ISO 27001, ISO 27701, SOC 2, NIST CSF, COSO, or similar). Working knowledge of GDPR, the EU AI Act, and the wider regulatory landscape across … What we offer Competitive salary 26 days of annual leave, with the option to accrue additional days over time Hybrid working as standard, with 2 days in the office Private pension contributions Optional private health insurance A work from anywhere policy that lets you work abroad for defined periods ...

more GRC technology platforms (OneTrust, ServiceNow GRC, Archer, MetricStream, or similar). Familiarity with widely used GRC frameworks and standards (ISO 27001, ISO 27701, SOC 2, NIST CSF, COSO, or similar). Working knowledge of GDPR, the German Federal Data Protection Act (BDSG), and the broader regulatory landscape ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...

Strong executive communication and stakeholder management skills Experience leading and scaling teams within a consulting environment Knowledge of security frameworks (e.g. GDPR, NIST, ISO27001, SOC2) You will gain exposure with: Enterprise-scale Microsoft Security transformation programmes Strategic collaboration across global Microsoft-focused teams Design and delivery of managed security services ...

Senior Cyber Security Engineer | InfoSec | Cybersecurity London Hybrid (2 days per week onsite) £90,000 to £100,000 + 8% Bonus + Pension & Benefits Large government projects Requires eligibility for UK Security Clearance This is an opportunity to join one of the world's leading enterprise software organisations, delivering … security incidents Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments Hit apply to upload your CV Spectrum IT Recruitment (South ...

Senior Cyber Security Engineer | InfoSec | Cybersecurity London Hybrid (2 days per week onsite) £90,000 to £100,000 + 8% Bonus + Pension & Benefits Large government projects Requires eligibility for UK Security Clearance This is an opportunity to join one of the world's leading enterprise software organisations, delivering … security incidents Desirable Experience Security certifications such as Security+, CISSP, SSCP, CISA, CCSK or similar Exposure to compliance frameworks including GDPR, PCI-DSS, SOC 2, HIPAA, FedRAMP or similar Experience within large-scale enterprise or highly regulated environments Hit apply to upload your CV Spectrum IT Recruitment (South ...

Azure, the Microsoft 365 (M365) ecosystem, and Cisco networking technologies Salary up to £75,000 9:30am to 6:00pm working hours Hybrid working (2 or 3 days in the office) Generous employee benefits The ideal candidate will bring deep technical expertise, a security-first mindset, and experience operating … access management, including SSO and MFA. Knowledge of backup, disaster recovery, and business continuity strategies. Familiarity with compliance frameworks relevant to legal environments (e.g., SOC 2 ...