15 of 15 Permanent SOC 2 Jobs in London

RaaS) platforms. Reporting to the Head of Compliance, this role is responsible for implementing, operating, and maintaining security controls, supporting certification to ISO 27001, SOC 2, and other relevant security frameworks, and embedding security-by-design into engineering, IT, and product operations as the business scales globally. This … Maintain risk assessments, risk registers, Statements of Applicability, and control mappings. Collect, manage, and present evidence for ISO 27001 certification and surveillance audits. Support SOC 2 readiness, control operation, evidence gathering, and audit coordination. Security Controls and Engineering Integration Implement and maintain security controls across: Cloud infrastructure and ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Manage internet-facing architecture …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

container security. Identity & Access Management experience (e.g. Okta). Experience with JVM languages, Terraform/IaC, CDK, or React. Familiarity with GDPR, ISO 27001, SOC 2, EU AI Act/LLMs. Experience delivering audits or using GRC tools (e.g. Drata, Vanta) Interest in AI and/or knowledge ...

someone who enjoys solving practical security challenges and building automation that makes secure development the default. Location: London – 3 days in office/2 days remote Salary: Negotiable + comprehensive benefits package Requirements for DevSecOps Engineer: This company is seeking a technically strong security engineer with proven experience … ability to work across technical and non-technical stakeholders Desirable: Experience with container and Kubernetes security Experience operating within compliance-driven environments (ISO 27001, SOC 2, NIST) Experience building policy-as-code or automated guardrails Exposure to incident response and threat detection engineering Responsibilities for DevSecOps Engineer: Take ...

Prometheus, Grafana, ELK, etc.). Strong communication skills and the ability to collaborate across engineering teams. Knowledge of compliance/security frameworks (PCI DSS, SOC2, ISO, GDPR). Experience with microservices and serverless environments. Familiarity with SQL/NoSQL databases. Proven ability to lead technical initiatives in complex environments. Location ...

assurance programmes. Proven experience designing, executing, and improving structured vendor due diligence processes. Strong understanding of vendor-held assurance artefacts such as ISO 27001, SOC 2, CSA STAR/CAIQ, and security questionnaires. Ability to communicate complex vendor-related cyber risks clearly to both business and technical audiences. ...

Experience with authentication methods such as OAuth 2.0, API keys, JWT IT background with experience supporting, integrating, or administering enterprise software systems Exposure to SOC 2, GDPR, or enterprise security requirements Experience with Infrastructure as Code (CDK, CloudFormation, or Terraform) Knowledge of CI/CD pipelines and deployment … backed by real clients, real revenue, and real partnerships What We Offer 25 days holiday + bank holidays Pension scheme with 10% employer contribution 2% interest rate reduction on home mortgages Professional development & life assistance programs Snacks sent to your door—you pick, we pay 50% off Apple products ...

teams. Key Responsibilities Design and implement security strategies, policies and controls Lead vulnerability assessments, penetration testing and remediation Oversee regulatory and compliance frameworks including SOC2, ISO 27001 and GDPR Monitor systems and respond to incidents and security events Strengthen AWS and GCP cloud security environments Support customer and sales teams ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...

ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2) Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ...

technologies. Stay informed about emerging threats and trends, integrating this knowledge into the security testing processes Support the firms certification activities, such as ISO27001, SOC2, and Cyber Essentials Plus, by assisting with audits, documentation, and continuous improvement efforts. Engage with security industry groups and collaborate with external industry partners ...

Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years’ experience … analytics, baselines and security automation Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments ...

+ project delivery. Nice to Have Fintech/payments or similarly regulated environment experience. Familiarity with compliance frameworks/audit controls ( SOC 2/ISO 27001/PCI ). ...

secure hiring platform used by employers to review candidates. Your profile stays anonymous until you match. Click Apply to continue. It takes 2 minutes. Senior Security Engineer London Hybrid High growth AI Technology Company £85,000 to £115,000 plus bonus and equity We are working with a fast … teams. Key Responsibilities Design and implement security strategies, policies and controls Lead vulnerability assessments, penetration testing and remediation Oversee regulatory and compliance frameworks including SOC2, ISO 27001 and GDPR Monitor systems and respond to incidents and security events Strengthen AWS and GCP cloud security environments Support customer and sales teams ...

other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell … other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell ...