1 to 25 of 104 PCI DSS Jobs in the UK

AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & Automation (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Learn how to automate configuration management, infrastructure provisioning, and application deployment. Configure and maintain … essential. Desirable (but not required) experience: Some interest in learning and using automation tools such as Azure DevOps, Terraform, Node-Red, Packer. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Scripting and automation skills (PowerShell, Python, Bash, or similar). Ability to design, implement, and maintain CI/CD pipelines for More ❯

months (Inside IR35) Day Rate: £462 per day Location: Milton Keynes (1–2 days onsite per week) Overview: We are seeking an experienced Solution Architect with strong expertise in PCI DSS v4 to support a leading financial services organisation on a long-term engagement. The successful candidate will work closely with stakeholders to design, assure, and govern secure … within the payment card ecosystem. Key Responsibilities: Develop solution options, architectural designs, and impact assessments that meet business and compliance objectives. Provide assurance across solution designs, ensuring alignment with PCI DSS requirements and best practice. Drive solutions through established governance processes, balancing compliance, security, and operational effectiveness. Collaborate with business and technical stakeholders to embed PCI DSS … Required: Proven experience as a Solution Architect in enterprise-scale or regulated environments. Strong understanding of the payment card ecosystem . In-depth knowledge and hands-on experience with PCI DSS v4 compliance requirements and levels. Track record of producing architectural deliverables and supporting governance processes. Excellent communication and stakeholder engagement skills. More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

impact projects within a forward-thinking, supportive environment that values expertise, innovation, and growth. KEY RESPONSIBILITIES: Deliver high-quality GRC services, including: ISO 27001 NIST Gap Analysis CAF Assessments PCI DSS CSMA, ISF, and CIS Assessments Develop and maintain in-house methodologies, templates, and delivery playbooks for core GRC services. Conduct client workshops, interviews, and assessments to gather … Computer Science, Risk Management, or a related field, or equivalent professional experience. - ESSENTIAL Professional Experience One or more of the following: ISO 27001 Lead Auditor or Lead Implementer certification PCI DSS Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) NIST Cybersecurity Framework or CAF-related training/accreditation Certified Information Systems Security Professional (CISSP) Certified Information Security … tabletop exercises, or assurance testing engagements. - DESIRABLE Other Requirements Strong understanding of governance, risk, and compliance principles, including key frameworks and regulations such as ISO 27001, NIST CSF, CAF, PCI DSS, and GDPR. - ESSENTIAL Excellent written and verbal communication skills, with the ability to translate technical requirements into business language. - ESSENTIAL Ability to travel to client sites as More ❯

an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for … ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation … and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail and ability to produce high More ❯

coverage and accurate results Rapid Response: Meet aggressive client SLAs for vulnerability resolution while maintaining quality and thoroughness Evidence & Reporting: Generate audit-ready reports and maintain evidence trails for PCI-DSS, 3DS, SOC2, and ISO compliance Continuous Improvement: Identify patterns in vulnerabilities and work with teams to implement preventive measures What you'll bring: Technical Foundation … read/understand code across multiple languages Problem Solver: Ability to dig deep into complex vulnerabilities and work with engineers to find practical solutions Financial Services Knowledge: Experience with PCI-DSS authenticated scanning and financial services security requirements (preferred) Collaborative Approach: Excellent interpersonal skills to work effectively with diverse engineering teams Technical Environment: Current Tools: Tenable, internal SAST … solutions Technologies: Modern banking platform stack including mobile, web services, and backend systems Compliance: PCI-DSS, 3DS, SOC2, ISO frameworks Methodology: Transitioning from reactive to proactive security approach Key deliverables: Operational excellence in vulnerability management across the entire platform Reduced mean time to resolution for critical vulnerabilities Strong relationships with engineering teams built on trust and technical credibility More ❯

Administrator to strengthen our IT team. About the Role You’ll manage and optimise Linux systems (Red Hat/CentOS), support Windows environments, and ensure infrastructure security and compliance (PCI DSS). This role involves working across hybrid cloud setups, particularly AWS, and collaborating with cross-functional teams to maintain scalable, high-performance systems. Key Responsibilities Install, configure … IP) Manage user access and permissions Apply security patches and updates Support AWS infrastructure (EC2, S3, IAM, VPC) Implement backup and disaster recovery Maintain documentation and asset inventories Ensure PCI DSS compliance and assist with incident response Collaborate with development, security, and operations teams Drive automation and process improvements Qualifications & Experience Degree in Computer Science, IT, or equivalent … experience 3–5 years of Linux administration (Red Hat/CentOS) Windows environment experience Networking knowledge (CCNA level or equivalent) AWS familiarity Understanding of PCI DSS and secure practices Scripting and automation skills (Bash, Python, Ansible) Strong troubleshooting and documentation abilities Preferred Skills RHCSA or higher certification CCNA certification Experience with monitoring and config management tools Familiarity with More ❯

security (firewalls, VPCs), and identity and access management (IAM) for data and model assets. Compliance & Governance: Ensure the MLOps platform adheres to stringent financial industry regulations (e.g., GDPR, SOX, PCI-DSS, SWIFT CSCF) and internal policies (Model Risk Management). Automate compliance evidence collection. Threat Modeling & Risk Assessment: Proactively conduct threat modeling for AI/ML systems, identifying … and/or Bash. Ability to write automation scripts and understand data science code for security reviews. Financial Sector Compliance: Familiarity with financial industry regulations and standards (e.g., GDPR, PCI-DSS, SWIFT CSCF) and their technical implications. Qualifications & Experience (Preferred) Relevant security certifications (e.g., CISSP, CCSP, AWS/Azure Security Specialist). Kubernetes security certifications (e.g., CKS - Certified More ❯

as a partner to the business and provide oversight, assurance and governance to ensure controls are effectively implemented. Security Frameworks : Understanding of security frameworks such as ISO:27001 and PCI-DSS. Strong Communication Skills : Ability to communicate effectively to colleagues at all levels, both verbally and in writing, and translate complex technical information to non-technical audiences while building … strong relationships with key stakeholders. What's involved: Implement and maintain established control frameworks such as ISO27001 and PCI-DSS and other relevant security frameworks, including the creation of policies, standards, and other documentation. Lead the governance, oversight, and assurance on technical security controls and technical design on both new and existing solutions in FCG's network and … frameworks, including experience and proficiency in cloud security. Experience and expertise in Azure environment security, vulnerability management, and associated processes. Detailed knowledge of Information Security frameworks and standards, particularly PCI-DSS, ISO27001, and other cyber frameworks. Experience of managing Information Security in an Agile Change Environment. Proven track record of undertaking control assurance reviews against best practice standards More ❯

triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks … especially AWS and Azure - and applying cloud security principles in live environments Experience in a regulated industry, ideally financial services, with knowledge of relevant compliance standards (e.g., ISO 27001, PCI-DSS) Hands-on expertise with Microsoft security tools - including Defender for Endpoint, Defender for Cloud, Defender for Identity, Microsoft Purview, Taegis, Z-Scaler or equivalents A strong infrastructure More ❯

the organisation Stay current with GRC trends, standards, and best practices Assist in managing the Security GRC Framework Collaborate with stakeholders, auditors, and vendors Support compliance activities (CAF, SEMD, PCI DSS, ISO27001) Monitor and report on security compliance and incidents Conduct controls testing and coordinate audit findings Advise on compliance matters and manage policy exemptions Liaise with Data …/DEFEND, and other security frameworks Solid understanding of cyber security, including Cyber Essentials and social engineering Awareness of current IS technologies, threats, and vulnerabilities Familiarity with ISO 27001, PCI DSS, and ITIL frameworks Hands-on experience with risk management tools and processes Skilled at translating business needs into security solutions Experience developing and maintaining IS policies and More ❯

is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in More ❯

aligning engineering execution with business goals, ensuring scalability, security, reliability, and maintainability. Your contribution Key Responsibilities 1. Technical Leadership • Architect secure, high-availability systems with compliance in mind (e.g., PCI DSS, SOC 2, ISO 27001). • Ensure robust encryption, audit trails, and access control mechanisms. • Guide backend design for high-volume transactional systems (e.g., ledgers, payments, identity verification … and quality under business pressures. • Strong communication with both technical and non-technical stakeholders, especially in regulated contexts. • Conflict resolution and emotional intelligence. Domain • Experience with financial regulations (e.g., PCI-DSS, GDPR, PSD2). • Familiarity with fintech standards and third-party integrations (e.g. Decision Engines, ID&V, Swift, ISO 20022). Success Metrics • System Trustworthiness: Uptime, performance, technical More ❯

measuring cost-effectiveness Respond promptly in-hours to technical incidents Embrace automation and be reluctant for manual implementation Implement security best practices ensuring platform compliance with ISO27001, SOC2 and PCI-DSS Share knowledge with colleagues by writing technical documentation and leading training sessions Requirements Ideally you will be an inquisitive Infrastructure Engineer, with an aptitude for finding clean … communication and problem-solving skills Desirably you will have: Understanding of database monitoring, analysis, disaster recovery and performance tuning Knowledge of security and compliance frameworks like ISO270001, SOC2 and PCI-DSS Understanding of networking and routing concepts (TCP/IP, VLANs, VPNs, BGP, etc) and preferably experience designing and establishing connectivity between AWS and on-premise locations The More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

on-prem platforms, and ensuring systems are resilient and secure-by-design. Key Duties: Champion Secure by Design principles across teams and platforms. Align architecture with NCSC, GovAssure, ISO27001, PCI-DSS, and GDPR standards. Guide and support technical teams in making risk-aware, security-focused decisions. Shape roadmaps, frameworks, and compliance plans that support innovation. Provide expert advice … to the GovAssure process and other audit/compliance activities. Requirements: Proven experience in security architecture and leadership. Strong understanding of compliance frameworks and cybersecurity standards (NCSC, ISO27001, GDPR, PCI-DSS). Experience in cloud, hybrid, and on-premise environments. Excellent communication, mentoring, and problem-solving skills. Ability to influence technical decisions and guide teams across multiple platforms. More ❯

on-prem platforms, and ensuring systems are resilient and secure-by-design. Key Duties: Champion Secure by Design principles across teams and platforms. Align architecture with NCSC, GovAssure, ISO27001, PCI-DSS, and GDPR standards. Guide and support technical teams in making risk-aware, security-focused decisions. Shape roadmaps, frameworks, and compliance plans that support innovation. Provide expert advice … to the GovAssure process and other audit/compliance activities. Requirements: Proven experience in security architecture and leadership. Strong understanding of compliance frameworks and cybersecurity standards (NCSC, ISO27001, GDPR, PCI-DSS). Experience in cloud, hybrid, and on-premise environments. Excellent communication, mentoring, and problem-solving skills. Ability to influence technical decisions and guide teams across multiple platforms. More ❯

risk management and reporting experience. With previous experience within an InfoSec GRC team, you'll have strong knowledge of working with the following: Payment Card Industry Data Security Standard (PCI-DSS) for a Tier 1 merchant General Data Protection Regulation (GDPR) NIST Cybersecurity Framework (CSF) v2.0 Critical Security Controls Libraries such as CIS Controls Cyber Essential Plus (CEP More ❯

s Information Security Management System remains effective in protecting HL critical information assets within risk appetite. Lead assurance activities against Information Security Compliance frameworks, including but not limited to: PCI, NIST, SWIFT, GDPR Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices. Lead engagement of Cloud Audits and remediation … CISSP, CRISC Hands on demonstratable experience and knowledge of: Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017/27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF Atlassian, IAAC Terraform, Merge Requests, GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal/Purview, Microsoft Information Protection More ❯