Security Compliance Manager - Payments, PCI DSS, SOC2 - £100,000 A rapidly growing payments technology company that has established itself as a major player in the UK market, is seeking a Security Compliance Manager to drive their critical compliance initiatives and strengthen their security posture as they continue their expansion across multiple markets. This is a great opportunity for … an experienced Security Compliance Manager to take ownership of comprehensive compliance programs within a dynamic payments environment. You'll be the go-to expert for PCI certifications, leading compliance strategy, and building robust security control frameworks that enable business growth while maintaining customer trust. Working within the Product Security team, you'll collaborate closely with engineering and product development … to embed security compliance from the ground up. The Security Compliance Manager's responsibilities: Leading and managing all PCI compliance initiatives including PCI DSS, PCI PIN, PCI P2PE certifications, with responsibility for achieving new certifications such as PCI MPoC and PCI SSF. Serving as the primary liaison with Qualified Security Assessors (QSAs) and
based transaction systems, including payment card processing infrastructure, in a team that values collaboration, security, and reliability. You'll work closely with third-party service providers, ensure compliance with PCI DSS, and help build secure abstractions over APIs that interface with our clients. Responsibilities Maintain and expand our serverless card payment infrastructure built with TypeScript, Node.js, and AWS … Lambda, API Gateway, DynamoDB). Ensure continued PCI DSS compliance. Work with others to fix bugs, implement minimal new features, trace errors, and ensure security patches are applied in production and pre-production environments. Support a clean and well-documented strategy for all dependent services and infrastructure. Collaborate in daily scrum ceremonies, working closely with engineering, security, and … API development, RESTful design, and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container-based environments. Working familiarity with PCI DSS, payment systems, or other regulated environments is highly desirable. Excellent communicator with a self-starter attitude and comfort working autonomously. Demonstrable expertise and understanding of API development
cloud-based transaction systems, including payment card processing infrastructure, in a team that values collaboration, security, and reliability. You'll work closely with third-party service providers, ensure compliance with PCI DSS, and help build secure abstractions over APIs that interface with our clients. Responsibilities Maintain and expand our serverless card payment infrastructure built with TypeScript, Node.js, and AWS … Lambda, API Gateway, DynamoDB). Ensure continued PCI DSS compliance. Work with others to fix bugs, implement minimal new features, trace errors, and ensure security patches are applied in production and pre-production environments. Support a clean and well-documented strategy for all dependent services and infrastructure. Collaborate in daily scrum ceremonies, working closely with engineering, security, and … API development, RESTful design, and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container-based environments. Working familiarity with PCI DSS, payment systems, or other regulated environments is highly desirable. Excellent communicator with a self-starter attitude and comfort working autonomously. Demonstrable expertise and understanding of API development
procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g.
fostering a collaborative, inclusive culture rooted in technical excellence, accountability, and continuous improvement. Own the architecture, development, and operational health of mission-critical systems, including sensitive payment infrastructure and PCI DSS-compliant CDE components. Drive integration with a wide ecosystem of third-party providers, including EV charging networks, fuel stations, toll operators, parking aggregators, and acquirers, enabling seamless … performance, and scalability through robust observability, incident response processes, performance testing, and fault-tolerant architecture. Partner with Security, Compliance, and Infrastructure teams to meet regulatory and certification standards (e.g., PCI DSS, TISAX, ISO 27001), and embed security into development workflows. Collaborate cross-functionally with Product, Partner Operations, and Business Development to translate user and partner needs into scalable … a user-centric and data-driven mindset. Experience in designing and operating transactional systems, including session management and payment systems. Demonstrated success in delivering systems in regulated environments (e.g. PCI DSS, TISAX, ISO 27001), including compliance alignment and audit readiness. Advanced knowledge of cloud-native engineering (preferably AWS), microservice architecture, container orchestration, and scalable infrastructure. Fluent in agile
GDPR, ISO 27001, and Cyber Essentials, and a willingness to navigate evolving guidance such as Network and Information Systems Regulations 2018 (NIC) or Payment Card Industry Data Security Standards (PCI DSS) Strong communication and documentation skills, with the ability to collaborate effectively with cross-functional teams, including Engineering, Product, and Legal. A self-starter mindset, who is proactive … and growth. Desirable Qualifications and/or knowledge (any of the following): Certifications or practical experience as/in CISMP, CompTIA Security+, ISO 27001 Lead Implementer, CISM, CISSP, or PCI DSS QSA. Awareness of key regulations, including UK GDPR, Data Protection Act 2018, and the NIS Regulations An understanding of security risk management, governance, and policy implementation Awareness
culture of security awareness across engineering and business teams. Compliance and Standards: Ensure product security practices align with relevant security frameworks and standards (e.g., OWASP, NIST, ISO 27001, GDPR, PCI DSS). Support regulatory compliance efforts and maintain evidence to meet audit requirements. Collaboration and Communication: Function as the primary interface between security, development, and infrastructure teams, ensuring … reviews, and penetration testing. Proven ability to secure cloud-native architectures, containerization technologies, and Infrastructure as Code (IaC) environments. Familiarity with industry standards and frameworks such as OWASP, BSIMM, PCI DSS, ISO 27001, and GDPR. Security Integration experience: Demonstrated ability to seamlessly integrate secure development practices into SDLC/SSDLC workflows. Skilled in implementing technical security controls and
as part of our team. About the role As a DevOps Engineer, you will be responsible for designing, implementing, and managing AWS-based highload infrastructure while ensuring compliance with PCI DSS security standards. You will play a crucial role in automating deployments, optimizing system performance, and maintaining reliability in a high-scale environment. The role requires expertise in … redundancy. Develop and optimize CI/CD pipelines to streamline deployments and support zero-downtime releases. Monitor system performance, troubleshoot issues, and implement security best practices in compliance with PCI DSS. We're looking for you if you have 5+ years of DevOps experience, with a focus on AWS, CI/CD, and highload environments. Experience deploying and maintaining … Docker, Kubernetes, and Infrastructure as Code (IaC). Proven track record of achieving high availability for mission-critical services. Solid knowledge of monitoring, security best practices, and compliance with PCI DSS standards. Bonus Points Experience with DORA compliance for financial service providers. What's in it for You Reveal great tech solutions Join the team of experts who
London, South East, England, United Kingdom Hybrid / WFH Options
Arc IT Recruitment
makes an impact. Your role will involve: Expanding and maintaining a serverless payment processing platform built with TypeScript, Node.js, and AWS services like Lambda, API Gateway, and DynamoDB. Ensuring continued PCI DSS compliance across the full development lifecycle, including patching, error tracing, and applying secure coding practices. Designing secure, well-documented service interfaces and abstractions over external APIs used … technologies. Working knowledge of Infrastructure-as-Code tools. Strong background in RESTful API development, secure authentication mechanisms, and API integration best practices. Experience working in regulated environments such as PCI DSS, or within other compliance-heavy systems. Familiarity with frontend frameworks like React is a bonus. If you're a backend engineer who thrives in cloud-native environments
an impact. Your role will involve: Expanding and maintaining a serverless payment processing platform built with TypeScript, Node.js, and AWS services like Lambda, API Gateway, and DynamoDB. Ensuring continued PCI DSS compliance across the full development life cycle, including patching, error tracing, and applying secure coding practices. Designing secure, well-documented service interfaces and abstractions over external APIs … technologies. Working knowledge of Infrastructure-as-Code tools. Strong background in RESTful API development, secure authentication mechanisms, and API integration best practices. Experience working in regulated environments such as PCI DSS, or within other compliance-heavy systems. Familiarity with Front End frameworks like React is a bonus. If you're a Back End engineer who thrives in cloud
understanding of RESTful design and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container-based environments. Working familiarity with PCI DSS, payment systems, or other regulated environments. Requirements We are looking for candidates with the following: Strong hands-on experience with TypeScript and Node.js. Frontend familiarity is helpful … Responsibilities Key responsibilities in this role will include: Maintaining and expanding our serverless card payment infrastructure built with TypeScript, Node.js, and AWS (Lambda, API Gateway, DynamoDB). Ensuring continued PCI DSS compliance. Working with others to fix bugs and implement minimal new APIs that interface with our clients.
the services' end-users in the Retail Bank, Business Bank and SBS. Centrally manage our cost of acquiring and acquiring relationships Act as the business owner for merchant acquiring PCI-DSS requirements Manage related payout/refund/indemnity services Open Banking solutions Alongside technology, run and develop our open banking Payment Initiation Services and our internal AIS … solutions to market Support with customer price setting (where relevant) and manage service costs Requirements Essential experience Must have run scale card acquiring relationships on the merchant side, covering PCI-DSS Must have experience in PIS and AIS capabilities, across multiple use cases Must have knowledge of and experience in Direct Debit Origination services Strong payments vocation - must
where possible, automate Document all the aforementioned processes and integrations, providing clear and comprehensive guides for internal use and compliance purposes and enforce procedures to comply with/improve PCI-DSS, PCI-PIN, and PCI-3DS standards Maintain our testing environments and become experts in International Payment Schemes' test environments If you have a passion for … Issuing platforms Strong analytical and problem-solving skills to troubleshoot technical issues effectively Think creatively and insightfully about business problems Familiarity with industry standards and compliance requirements, such as PCI-DSS. Strong communication and interpersonal skills to build relationships with internal and external stakeholders. Detail-oriented mindset with a focus on quality and accuracy Ability to work independently, manage
5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with
such as TOGAF or SABSA Strong understanding and knowledge of Information Security risk management tools and techniques Demonstrable knowledge of cyber security frameworks, including but not limited to: ISO27001, PCI-DSS, CIS Benchmarks, Cloud Platform Well Architected Frameworks. Demonstrable experience of designing and implementing enterprise security technology controls and platforms, following industry best practices. Experience of security governance
and blueprints. What You'll Bring Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
and blueprints. What You'll Bring Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications
for breaches. Known for crafting innovative and cost-effective Information Security Management Systems (ISMS), the consultancy enables quantifiable compliance with key information security legislation, regulations, and industry standards, including PCI DSS, the UK Data Protection Act 2018 (DPA 2018), GDPR, and ISO/IEC 27001. If you would like to learn more about this opportunity, feel free to
access, identifying potential security risks and vulnerabilities, and developing mitigation strategies. Governance and Compliance: Ensure that PAM solutions align with regulatory requirements and industry best practices, including SOX, GDPR, PCI-DSS, and HIPAA. Develop and enforce PAM policies and standards across the organization. Qualification The following skills and experience are essential for this role: Bachelor's degree in
Responsible for the adherence to and continued certification of the following standards: ISO 9001 Quality Management System ISO 27001 Information Security Management System PCI-DSS Payment Card Industry Data Security Standard ISO 22301 Business Continuity GDPR and Data Protection Laws Conduct regular internal audits in line with the requirements of the standards. Implement compliance initiatives, identify and assess
City of London, London, England, United Kingdom Hybrid / WFH Options
Michael Page Technology
improve, maintain and regularly test incident management policy and procedures. Ensuring security operations controls and processes adhere to relevant laws and standards including GDPR, Data Protection Act, Cyber Essentials, PCI DSS. Identify, assess and clearly communicate risks in the domains of operational security Profile A successful Security Operations Manager should have: Applicable security certification, such as CISSP, ISSMP, MSc
e.g., Okta, Azure AD, CyberArk), and frameworks (preferred). Proficiency in leading threat modelling sessions and using relevant tools (preferred). Familiarity with compliance frameworks like GDPR, CCPA, HIPAA, PCI-DSS, NIST and ISO 27001. Strong scripting and automation skills (e.g. Python, PowerShell, Bash).
tested. Lead cyber risk input into third-party risk, data privacy, and cloud governance programs. Regulatory & Compliance: Ensure compliance with relevant laws and frameworks (eg, GDPR, DORA, NIS2, SOX, PCI-DSS). Prepare and support audits, risk assessments, and regulatory reviews. Team & Culture Building: Build and lead a high-performing cyber risk team. Drive a risk-aware culture