1 to 25 of 28 Permanent SOC 2 Jobs in London

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

Fractional CISO 2–3 days per week 1 day a week in London (City) Initial 3-month engagement (likely extension) Partnered with an AI-driven digital health startup that’s redefining care across the UK and US. As they scale commercially and prepare for continued US growth, they … whilst also getting deep into controls, engineering processes, access management and audit readiness. What you’ll be doing The immediate priority is leading the SOC 2 programme end-to-end, driving Type I readiness and laying the operational foundations for Type II. Crucially, the environment needs ...

already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based in our dog friendly office in London: The Bower, 207 122, Old Street, London EC1V … What you’ll own/h3 h3 Audits and certifications/h3 ul li Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year/li li Serve as the main point of contact for external auditors scoping, evidence, walkthroughs, findings/ ...

external platform access Managing relationships with third-party security providers and ensuring recommendations are delivered effectively Supporting compliance initiatives across standards including ISO 27001, SOC 2 and NIST Acting as an escalation point for significant security incidents when required Driving security awareness and embedding best practice across … operational teams Hands-on scripting or automation experience using Python, Bash or similar tools Experience supporting audits, certifications and compliance frameworks including ISO 27001, SOC 2 and NIST Knowledge of security methodologies such as MITRE ATT&CK Excellent communication and stakeholder management skills Experience operating within high-growth ...

improve processes, thrive without rigid playbooks. Comfortable operating in scale-up environments where customer needs inform product direction. Security & Compliance Acumen: Understand security requirements, SOC 2/ISO 27001, data residency, audit logging, encryption. Trusted conduit between Sales and Technology - able to articulate product capabilities on security RFPs … task management, audit trails, reporting), how they integrate with risk management systems, and typical architecture patterns in Financial Services and Payments. Security Concepts: Understand SOC 2/ISO 27001, data residency and sovereignty, encryption at-rest/in-transit, audit logging, and role-based access control. Troubleshooting Mindset ...

assurance materials are complete, reliable, and well maintained. Assist with control testing, control mapping, and effectiveness reviews across frameworks such as ISO 27001, NIST, SOC 2, DORA, or similar. Identify gaps in controls or processes and work with relevant teams to agree proportionate remediation plans. Support security awareness … cyber risk, GRC, audit, assurance, or a closely related area. Good knowledge of common security frameworks, standards, and regulatory requirements, including ISO 27001, NIST, SOC 2, DORA, or comparable frameworks. Previous involvement in audits, assurance programmes, regulatory reviews, client due diligence, or control assessment activity. Strong communication skills ...

Code: Bridging the gap between technical execution and regulatory requirements. You will build the automated systems that provide real-time evidence for frameworks like SOC 2, ISO 27001 & PCI ensuring we stay compliant without manual overhead. The Team You will be a key member of our growing Security … building the systems that check them for you. Security as Code: Design and maintain custom security tooling in Go to automate evidence collection for SOC2/ISO 27001 and remediation of security alerts. Infrastructure & IAM: Write and peer-review Terraform to manage identity and core infrastructure across AWS and ...

and cloud-native security patterns ✔️ Experience using: ️ Microsoft Defender for Cloud ️ Palo Alto Prisma Cloud ✔️ Strong understanding of compliance frameworks including: NIST ISO 27001 SOC 2 GDPR ✔️ Relevant certifications such as: AZ-500 CCSP Azure Solutions Architect Expert (Desirable) ⭐ Preferred Experience ➕ Experience working within regulated industries such ...

looking for top-tier talent to join us on our journey and enable our next phase of success. Senior DevOps Engineer Novatus HQ - 2 London Wall Place, EC2Y 5AU Job Overview: As a Senior DevOps Engineer , you will scope and deliver complex infrastructure projects end-to-end, building and … firewalls/security groups, VPN/private connectivity, load balancers, and practical troubleshooting. Experience operating cloud infrastructure in regulated environments (e.g. GDPR, ISO 27001, SOC 2). Experience designing observability, monitoring, logging, and alerting solutions for distributed systems. Strong software engineering ability beyond basic scripting. Ideally someone ...

and Docker environments Data Loss Prevention (DLP) and SaaS security governance. Advanced detection engineering or SOAR playbook development. Experience supporting ISO 27001 or SOC 2 audits. Relevant certifications (e.g. CISSP, CISM, GIAC). Workplace & Benefits At Deliveroo we know that people are the heart of the business and ...

cloud security and compliance Own platform‐level security decisions and risk mitigation Ensure secure‐by‐design infrastructure and access controls Support compliance initiatives (SOC 2, ISO:27001) Leadership & Team Development Lead and mentor the DevOps team including DevOps engineers, IT Support and an Information Security Officer Provide technical ...

recruiting for a Security Analyst with Ivanti Neurons experience to join one of our Insurance clients on a 6-month contract. Inside IR35 Hybrid- 2 days a week onsite in Reigate Responsibilities: Support the day-to-day vulnerability and patch management operations using Ivanti Neurons, including discovery, risk assessment ...

platforms (Power BI, Looker) Enable predictive modelling and optimisation using modern ML toolkits Security, Compliance & Responsible AI Ensure alignment with enterprise security standards (SOC2, ISO27001, NIST) Champion explainability, bias mitigation, and ethical AI practices Leadership & Talent Build and lead high-performing global teams across AI, data, and automation Foster ...

e.g., pen tests, scanning). Experience delivering security awareness and incident exercising programmes. Working knowledge of assurance frameworks and resilience expectations (e.g., ISO 27001, SOC 2, NIST CSF). Candidates should be strongly motivated by BII’s development mission and ideally demonstrate some commitment to development or social ...

Infrastructure as Code (Terraform or CloudFormation) Proven experience leading cloud migration strategies and implementations Strong understanding of cloud security and compliance frameworks (e.g. CIS, SOC2) Experience with DevOps tooling (e.g. Git, Jenkins, Docker, Kubernetes) Ability to work in fast-paced, client-facing environments Desirable: Multi-cloud experience (AWS, Azure ...

London CityRole SummaryTheSecurity Awareness Lead is responsible for developing, delivering, andContinuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000+ users. This roleEnsures employees, contractors, and partners understand their securityResponsibilities, make secure decisions, and actively contribute to a strongSecurity culture.The ideal candidate … regions and business units. Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness. Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions. 4. Stakeholder Engagement Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads. Influence senior stakeholders ...

cloud security posture management. Experience running or contributing to a Security Champions program. Experience with threat modelling (e.g. STRIDE). Familiarity with SOC 2 and ISO 27001. Relevant certifications are considered a plus (e.g. CISSP, IaaS specific certifications). Benefits UK Competitive compensation package Private medical insurance Private ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...

Strong executive communication and stakeholder management skills Experience leading and scaling teams within a consulting environment Knowledge of security frameworks (e.g. GDPR, NIST, ISO27001, SOC2) You will gain exposure with: Enterprise-scale Microsoft Security transformation programmes Strategic collaboration across global Microsoft-focused teams Design and delivery of managed security services ...

client workflows, leveraging Tungsten Automation's cutting-edge technologies Security & Compliance Enterprise Security : Maintain a strong grasp of enterprise security practices (IAM, data encryption, SOC2, GDPR, HIPAA) when integrating AI into regulated industries What You Bring Educational Foundation Bachelor's degree in Computer Science, Information Systems, or a related technical ...

Proven ability to design and position platform extensibility strategies, including API governance, developer experience, and partner enablement. Familiarity with SaaS compliance requirements such as SOC 2, ISO 27001, GDPR, and multi-tenant data isolation. Equally comfortable setting a long-term platform vision and rolling up sleeves to unblock ...

/ITSM processes Desirable Experience with Okta Workflows or Privileged Access Exposure to AWS SSO/Identity Center Knowledge of compliance frameworks: ISO 27001 SOC 2 GDPR Experience with endpoint management tools (Intune, Jamf) Why Join? Opportunity to own and shape IAM strategy within a global organisation Work ...

and AI governance frameworks Experience with financial services client environments (FCA-regulated firms as customers or counterparties) Experience supporting SOC 2 audits or other compliance frameworks beyond ISO 27001 Experience reviewing DPAs and other privacy-related contractual annexes against compliance checklists What We Offer Direct mentorship from ...

/or distillation experience Hands-on with dedicated Agentic AI platforms (e.g. Agentforce, Copilot Studio) Knowledge of AI compliance requirements: GDPR, EU AI Act, SOC 2, HIPAA Open-source or research contributions to LangChain, RAG, or Knowledge Graph communities ...

Desirable) Experience in a high-growth or scaling environment Exposure to AI or emerging technologies Knowledge of regulatory and security frameworks such as SOC2 or ISO Background in fintech, SaaS or enterprise platforms Package Competitive base salary and performance-related bonus Equity participation aligned with seniority, Clear progression to Deputy ...