1 to 25 of 764 PCI DSS Jobs in the UK

conducting vulnerability assessments, incident response, and forensics using tools such as Nessus Proficiency in threat hunting, malware analysis, and intrusion detection techniques Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements Strong analytical skills with the ability to think like an attacker and find creative security solutions Experience of working in a hands-on role More ❯

and managed mitigation strategies Understanding SWIFT CSP, and operational resilience frameworks Knowledge of implementing and managing ISO27001:2022 Information Security Management Systems Familiar with: SOC2 Type II, NIST CSF, PCI DSS and NCSC guidance Familiarity with Data Protection and Financial regulations i.e. GDPR, FCA regulations, PRA guidelines, UK Data Protection Act, DORA Skills: Technically astute, understands technical risks More ❯

vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem–solving, and communication skills. Desirable: Experience in the finance or More ❯

vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or More ❯

Familiarity with cloud security models (AWS, Azure, GCP) and securing hybrid environments. Experience in security operations, threat intelligence, and forensic analysis . Knowledge of regulatory compliance requirements (GDPR, HIPAA, PCI-DSS, etc.). Strong analytical and problem-solving skills with the ability to assess complex security risks. Excellent communication and leadership skills to influence stakeholders and drive security More ❯

recovery, and business continuity planning. Oversee and guide client security teams in implementing and managing security controls. Assist clients with compliance requirements related to various regulations (GDPR, CCPA, HIPAA, PCI DSS, etc.) and standards (e.g., ISO 27001, SOC 2). Manage security risk committees to support client cyber risk management practices. Track and manage remediation of security audit More ❯

risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks' overall security posture. DIMENSIONS Financial : No direct … and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening … of privacy and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies More ❯

risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks’ overall security posture. DIMENSIONS Financial : No direct … and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening … of privacy and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies More ❯

skills to interpret data and provide insights into threats facing the bank. Awareness of common Cyber Incidents and Security breaches (OWASP). Knowledge or experience in SOC2, ISO 27001, PCI DSS and GDPR. Previous experience working within an organisations Cyber Incident Response function. Hands on experience with Information Security tools. About you: Team player with the ability to … Effective time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence Seniority level Seniority level Not Applicable Employment type Employment More ❯

Proficiency with security tools such as SIEM, IDS/IPS, and vulnerability scanners. Strong understanding of network security, firewalls, and access control. Knowledge of regulatory frameworks like GDPR, HIPAA, PCI-DSS, or NIST. Experience in incident response and forensic analysis. Excellent analytical, problem-solving, and communication skills. Certifications such as CompTIA Security+, CEH, CISSP, or CISM. Experience with More ❯

essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information System Security Professional (CISSP), Cloud Certified Security Professional More ❯

essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information System Security Professional (CISSP), Cloud Certified Security Professional More ❯

application platforms and foster a security-aware culture. Participate in incident response activities from detection to recovery and lessons learned. Ensure compliance with security standards and regulations such as PCI DSS SAQ-A. Candidate Profile Bachelor's degree in Computer Science, Cybersecurity, or a related field. Proven experience in cybersecurity, especially cloud security. Familiarity with cloud platforms (AWS More ❯

endpoints, applications, and databases meet security standards. Security Audits: Support internal and external audits of information security practices and systems, ensuring compliance with industry regulations (e.g., GDPR, SOC2, CE+, PCI-DSS, ISO). Collaboration: Work closely with ANS technical teams to integrate security best practices into all aspects of system architecture and development lifecycles, as well as managing … and problem-solving skills with attention to detail. Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to non-technical stakeholders. Experience with PCI DSS requirements and the implementation of these within a business. Preferred Skills: Experience with cloud security in AWS or Azure Cloud environments. Experience with incident response frameworks and More ❯

Vodafone Newbury, England, United Kingdom Join or sign in to find your next job Join to apply for the Security & Compliance Senior Manager role at Vodafone Vodafone Newbury, England, United Kingdom 2 days ago Be among the first 25 applicants More ❯

an outsourced Security Operations Centre (SOC) team and Cyber Security Analysts. Collaborate with internal teams and external vendors to optimise cybersecurity operations. Compliance & Risk Management Plan and conduct annual PCI DSS compliance assessments in collaboration with qualified security assessors, maintaining and communicating cybersecurity risk registers to business stakeholders. Perform third-party risk assessments to evaluate vendor security postures … configuring a range of cybersecurity tooling and hardening cloud environments, particularly Microsoft Azure. Well-versed knowledge of cybersecurity and data protection frameworks including NIST, ISO27001 and DPA. Experience managing PCI DSS compliance for an organisation is preferred. Proficient at articulating technical cybersecurity concepts and risks to the business in a simple and effective manner, whilst advocating to do More ❯

excellent service seven days a week. Duties & Responsibilities: · Develop, implement, and maintain information security policies, procedures, and standards aligned with industry best practices (NCSC recommendations, UK DPA, ISO 27001, PCI DSS, NIST etc.). · Lead and support risk assessments, vulnerability scans, and security audits. · Manage day-to-day security operations, including monitoring, incident detection, investigation, and response. · Manage More ❯

procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g. More ❯

and procedures in alignment with business objectives, while considering operational needs Direct the management and continuous improvement of the Information Security Management System (ISMS) Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments Familiarity with information security frameworks (e.g., NIST, CIS) Proficiency in risk management methodologies Knowledge of common security technologies (e.g., firewalls More ❯

and data protection technologies. Policy & Standards Expertise: Extensive experience in writing, reviewing, and implementing information security policies, procedures, and standards. Familiarity with legal and regulatory frameworks (e.g., GDPR, HIPAA, PCI-DSS) and their impact on security practices. Communication & Collaboration: Excellent verbal and written communication skills, with the ability to translate complex technical issues into understandable language for business More ❯

Understanding the best practices, control frameworks, and applicable legal and regulatory requirements data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc. Demonstrable strong leadership skills, including the ability to develop, mentor and coach others Experience in working in large or federated enterprises, preferably in the Telecoms industry More ❯

UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for third-party compliance. Handling incident response & reporting (e.g., Data Breach Notifications under GDPR). Key Skills … Strong reporting and communication skills-ability to brief executives and regulators. Ability to design, implement, and enforce security policies . Key Responsibilities: Ensure compliance with GDPR, Cyber Essentials Plus, PCI-DSS, and other applicable standards. Align ISMS activities with ISO 27001 framework. Develop and implement security policies, controls, and procedures. Conduct security risk assessments & compliance audits. Manage incident More ❯

team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … on a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principals, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding More ❯

team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … on a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principals, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding More ❯

network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate … experience building and scaling a GRC function in a complex environment. Deep knowledge of information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. More ❯