1 to 25 of 79 PCI DSS Jobs in the UK excluding London

GRC Analyst - Payments/PCI-DSS/AoC Manchester - office based £55k pa A successful technology company are seeking a GRC Analyst to join their growing Security team and be responsible for risk management, compliance monitoring and governance support as well as 3rd party vendor risk management. As an experienced Payments GRC Analyst you will ensure compliance with … all relevant regulations including PCI-DSS, GDPR, NIS Regulations and the Data Protection Act 2018. You will be able to demonstrate Attestation of Compliance (AoC) experience alongside experience of ensuring compliance with ISO27001 and relevant organisational standards. This role will require excellent technical GRC and PCI-DSS knowledge, good organisational skills and the ability to communicate … critical security information and requirements to both internal and external stakeholders. PCI-DSS and Attestation of Compliance experience is a must have for this position. Please send a CV detailing the required experience for consideration. GRC Analyst - Payments/PCI-DSS/AoC Manchester - office based £55k pa More ❯

AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & Automation (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Learn how to automate configuration management, infrastructure provisioning, and application deployment. Configure and maintain … essential. Desirable (but not required) experience: Some interest in learning and using automation tools such as Azure DevOps, Terraform, Node-Red, Packer. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Scripting and automation skills (PowerShell, Python, Bash, or similar). Ability to design, implement, and maintain CI/CD pipelines for More ❯

months (Inside IR35) Day Rate: £462 per day Location: Milton Keynes (1–2 days onsite per week) Overview: We are seeking an experienced Solution Architect with strong expertise in PCI DSS v4 to support a leading financial services organisation on a long-term engagement. The successful candidate will work closely with stakeholders to design, assure, and govern secure … within the payment card ecosystem. Key Responsibilities: Develop solution options, architectural designs, and impact assessments that meet business and compliance objectives. Provide assurance across solution designs, ensuring alignment with PCI DSS requirements and best practice. Drive solutions through established governance processes, balancing compliance, security, and operational effectiveness. Collaborate with business and technical stakeholders to embed PCI DSS … Required: Proven experience as a Solution Architect in enterprise-scale or regulated environments. Strong understanding of the payment card ecosystem . In-depth knowledge and hands-on experience with PCI DSS v4 compliance requirements and levels. Track record of producing architectural deliverables and supporting governance processes. Excellent communication and stakeholder engagement skills. More ❯

own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in More ❯

an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for … ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation … and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail and ability to produce high More ❯

made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. … management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes More ❯

triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks … especially AWS and Azure - and applying cloud security principles in live environments Experience in a regulated industry, ideally financial services, with knowledge of relevant compliance standards (e.g., ISO 27001, PCI-DSS) Hands-on expertise with Microsoft security tools - including Defender for Endpoint, Defender for Cloud, Defender for Identity, Microsoft Purview, Taegis, Z-Scaler or equivalents A strong infrastructure More ❯

the organisation Stay current with GRC trends, standards, and best practices Assist in managing the Security GRC Framework Collaborate with stakeholders, auditors, and vendors Support compliance activities (CAF, SEMD, PCI DSS, ISO27001) Monitor and report on security compliance and incidents Conduct controls testing and coordinate audit findings Advise on compliance matters and manage policy exemptions Liaise with Data …/DEFEND, and other security frameworks Solid understanding of cyber security, including Cyber Essentials and social engineering Awareness of current IS technologies, threats, and vulnerabilities Familiarity with ISO 27001, PCI DSS, and ITIL frameworks Hands-on experience with risk management tools and processes Skilled at translating business needs into security solutions Experience developing and maintaining IS policies and More ❯

is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in More ❯

aligning engineering execution with business goals, ensuring scalability, security, reliability, and maintainability. Your contribution Key Responsibilities 1. Technical Leadership • Architect secure, high-availability systems with compliance in mind (e.g., PCI DSS, SOC 2, ISO 27001). • Ensure robust encryption, audit trails, and access control mechanisms. • Guide backend design for high-volume transactional systems (e.g., ledgers, payments, identity verification … and quality under business pressures. • Strong communication with both technical and non-technical stakeholders, especially in regulated contexts. • Conflict resolution and emotional intelligence. Domain • Experience with financial regulations (e.g., PCI-DSS, GDPR, PSD2). • Familiarity with fintech standards and third-party integrations (e.g. Decision Engines, ID&V, Swift, ISO 20022). Success Metrics • System Trustworthiness: Uptime, performance, technical More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯

lifecycle management, and operational workflows in collaboration with compliance, support, and operations teams Ensuring all product features and processes meet relevant regulatory and scheme compliance requirements (FCA, PSD2, AML, PCI-DSS) Collaborating with engineering, design, and third-party providers to deliver scalable, secure card payment solutions Defining and monitoring KPIs to track product performance, customer satisfaction, and operational … Deep understanding of tokenisation, EMVCo standards, and mobile wallet provisioning (Apple Pay, Google Pay) Strong working knowledge of card scheme requirements, issuer processor integrations, and compliance frameworks (KYC, AML, PCI-DSS, PSD2) Experience designing and implementing customer and operational product processes, including onboarding, servicing, and dispute resolution Strong analytical, problem-solving, and data-driven decision-making skills Excellent More ❯

s Information Security Management System remains effective in protecting HL critical information assets within risk appetite. Lead assurance activities against Information Security Compliance frameworks, including but not limited to: PCI, NIST, SWIFT, GDPR Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices. Lead engagement of Cloud Audits and remediation … CISSP, CRISC Hands on demonstratable experience and knowledge of: Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017/27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF Atlassian, IAAC Terraform, Merge Requests, GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal/Purview, Microsoft Information Protection More ❯

Harden DevSecOps pipelines to ensure secure software delivery. Collaborate with engineering teams to integrate security by design into products. Compliance & Risk Management Ensure regulatory compliance with GDPR, SOC2, ISO, PCI-DSS, and crypto-specific frameworks. Lead risk assessments for third-party vendors and service providers. Work with legal and compliance teams on KYC/AML security for crypto More ❯

and proxy solutions.(e.g., F5, Palo Alto, Forcepoint, Cisco ASA) Security & Compliance Integration of security principles (Zero Trust, segmentation, NAC). Familiarity with frameworks such as ISO 27001, NIST, PCI-DSS, and data protection standards (GDPR). Cloud & Virtualisation Experience with AWS, Azure, or GCP networking services (Transit Gateway, VNet, VPC, ExpressRoute, Direct Connect). Understanding of hybrid More ❯

platforms (AWS, Azure, GCP). Implement DevSecOps practices, including secure CI/CD pipelines and infrastructure-as-code templates. Ensure compliance with frameworks such as NIST CSF, ISO 27001, PCI DSS, and CSA CCM. Essential Skills & Experience 15+ years in Information Security, 7-8+ years in Security Architecture. Cloud security architecture experience (AWS, Azure, GCP), multi-cloud More ❯

platforms (AWS, Azure, GCP). Implement DevSecOps practices, including secure CI/CD pipelines and infrastructure-as-code templates. Ensure compliance with frameworks such as NIST CSF, ISO 27001, PCI DSS, and CSA CCM. Essential Skills & Experience 15+ years in Information Security, 7-8+ years in Security Architecture. Cloud security architecture experience (AWS, Azure, GCP), multi-cloud More ❯

balancing, firewalls, proxies (F5, Palo Alto, Forcepoint, Cisco ASA). Strong knowledge of wireless networking design and optimisation. Security integration: Zero Trust, segmentation, NAC; familiarity with ISO 27001, NIST, PCI-DSS, GDPR. Cloud & Virtualisation: AWS, Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds More ❯

Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish and enforce security policies, standards, and procedures Report security posture, incidents, and key metrics to senior leadership and the board Drive security awareness More ❯

Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience More ❯

for occasional travel and out-of-hours support. Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Global Impact: Your leadership will help protect the digital infrastructure that More ❯

occasional travel and out-of-hours support. Desirable: Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Why Join Us? Global Impact: Your leadership will help protect the More ❯

overall AV Solutions (Trend, Falcon CS), Monitoring & DEX platforms such as SolarWinds, ControlUp, Splunk, Strong Hardware proficiency (Ex: Synergy, Nimble, Brocade, Service BAU requests. Securing systems to Cyber Essentials, PCI DSS and ISO27000 standards through audits, vulnerability scanning and remediation Documentation, creation, update and keeping to date. Assist in the migration from, consolidation of and/or decommission More ❯