1 to 25 of 135 PCI DSS Jobs in the UK

looking for someone to own compliance end to end at Fresha. We’re already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based … Street, London EC1V 9NR./p h3 What you’ll own/h3 h3 Audits and certifications/h3 ul li Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year/li li Serve as the main point of contact ...

Lead Information Security Analyst Engineer/Architect to £54k + Benefits ISO27001, COBIT, SECURITY, ITIL, CISM, CISSP, PCI-DSS Lead Information Security Engineer/Analyst: Do you have a background working in an IT Security function and are able to identify and remediate threats or vulnerabilities, implement information … assets and mitigate against potential risks.You will be actively responsible for ensuring the successful achievement of external certifications such as ISO27001, MOU, PSN and PCI-DSS etc alongside managing security incident response plans. In addition, the Lead information Security Analyst/Engineer will provide advice and guidance ...

afterthought applied on top. Advise the CISO on technical security strategy, emerging technology risks, and the security implications of architectural decisions. Support PCI DSS compliance from an architectural perspective, ensuring the platform design supports scope minimisation, network segmentation, and the technical requirements of PCI DSS 4.0. … . Understanding of cryptographic principles and their practical application in payment systems: tokenisation, format‐preserving encryption, HSM/KMS key management, TLS configuration, and PCI P2PE concepts. Experience leading technical teams, mentoring engineers, and building team capability in a growing organisation. Ability to communicate architectural decisions and trade‐offs ...

afterthought applied on top. Advise the CISO on technical security strategy, emerging technology risks, and the security implications of architectural decisions. Support PCI DSS compliance from an architectural perspective, ensuring the platform design supports scope minimisation, network segmentation, and the technical requirements of PCI DSS 4.0. … . Understanding of cryptographic principles and their practical application in payment systems: tokenisation, format‐preserving encryption, HSM/KMS key management, TLS configuration, and PCI P2PE concepts. Experience leading technical teams, mentoring engineers, and building team capability in a growing organisation. Ability to communicate architectural decisions and trade‐offs ...

organisation’s subject matter expert for audits, reviews and security assurance activities Maintain compliance with key standards and certifications, including Cyber Essentials and PCI-DSS Lead or support the investigation of security incidents, ensuring lessons learned are captured and acted upon Provide guidance on information governance, including data … CISM or ISO 27001, or equivalent experience. As the Information Security Manager, you will have a solid understanding of security standards and frameworks, including PCI-DSS, and be confident working with both technical and non-technical stakeholders, translating complex issues into clear, practical guidance. You will be highly ...

organisation’s subject matter expert for audits, reviews and security assurance activities Maintain compliance with key standards and certifications, including Cyber Essentials and PCI-DSS Lead or support the investigation of security incidents, ensuring lessons learned are captured and acted upon Provide guidance on information governance, including data … CISM or ISO 27001, or equivalent experience. As the Information Security Manager, you will have a solid understanding of security standards and frameworks, including PCI-DSS, and be confident working with both technical and non-technical stakeholders, translating complex issues into clear, practical guidance. You will be highly ...

technical expertise in Microsoft Active Directory (AD), Windows Server environments, and authentication solutions. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Secure high-value … Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall ...

client-facing environments. Practical experience implementing, assessing, or managing security frameworks and standards such as ISO/IEC 27001, NIST, Cyber Essentials, CIS Controls, PCI DSS, and NCSC Cyber Assessment Framework (CAF). Strong understanding of information security governance, risk management, compliance and assurance principles. Experience conducting risk … Certified Information Security Manager) CRISC (Certified in Risk and Information Systems Control) CISMP or equivalent security qualification Cyber Essentials Assessor qualification Relevant NIST, CAF, PCI DSS, or risk management certifications Degree-level qualification in Cyber Security, Information Security, Computer Science, Risk Management, or related discipline Our Benefits ...

Azure adoption and hybrid cloud solutions Maintaining core services (AD, DNS, DHCP) and planning Entra ID migration Ensuring infrastructure meets security and compliance standards (PCI DSS, ISO 27001, GDPR) Delivering 2nd/3rd line support and resolving complex issues Supporting disaster recovery, backup, and monitoring processes Acting … work A collaborative team player with clear communication skills Proactive with a focus on continuous improvement Desirable experience includes Azure migrations, scripting/automation, PCI DSS environments, and working within the charity or public sector. Job Offer Opportunity to lead cloud transformation initiatives Remote working pattern, with occasional ...

ideally within financial services, banking, or payments. Experience in InfoSec and Cyber Security. Experience setting up policies and processes in InfoSec area. Familiarity with PCI-DSS, ISO27001, SOC 2/3 or other global standards. Familiarity with regulatory requirements (DORA, PCI-DSS, PSD2, GDPR). Understanding … identify areas for improvement. Performing security risk and control assessments for new products or initiatives. Working with third party InfoSec auditors (penetration testing, PCI compliance etc.). Conduct regular risk assessments and vulnerability assessments to identify security gaps and develop appropriate mitigation plans. Conducting regulatory gap analysis for regulations ...

product and delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security … cloud security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure ...

product and delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security … cloud security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure ...

product and delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security … cloud security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure ...

product and delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security … cloud security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure ...

product and delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security … cloud security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure ...

internal and external auditors as appropriate to assess the standard of information and IT security across Robertson to meet the requirements of ISO 27001, PCI DSS, NIST 800-53 and Cyber Essentials Plus. Answer security questionnaires, assist in bid responses and develop cyber security plans as part … Proven track record of delivering cost effective solutions to protect corporate assets and experience of achieving compliance against industry security standards such as ISO27001, PCI‐DSS, NIST 800 Series. Demonstrable experience in Security Risk management. Leadership experience with ability to mentor a team and to drive IT, Information ...

ideally have: Experience within Cyber Security, GRC, IT Audit, Risk, Compliance, or Information Assurance. Knowledge of frameworks such as ISO 27001, PCI DSS, NIST, Cyber Essentials, or similar. Strong organisational skills and attention to detail. Excellent written and verbal communication skills. Experience using Microsoft 365 applications. A relevant … cyber security qualification or equivalent practical experience. Desirable Experience Exposure to ISO 27001 environments. Knowledge of PCI DSS and/or DORA. Internal audit experience or training. Experience within regulated industries. Familiarity with GRC platforms and tooling. Package Salary up to £52,000 5% Annual Bonus Hybrid working ...

time Define security and compliance requirements and work closely with Engineering and IT teams to ensure they are implemented effectively Maintain existing compliance across PCI DSS, ISO27001, SOC2 and Cyber Essentials, and lead new compliance initiatives across additional standards such as ISO 27017 and ISO 27018 Manage audits … support a small team, creating focus, trust and shared direction About You_ You've worked in security and compliance within a payments, fintech or PCI-regulated environment You have strong, hands-on experience with PCI DSS, ISO27001 and SOC2, including preparing for and delivering audits ...

Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards. Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi‐cloud environments (AWS, GCP, Azure … firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity. Consulting experience. Familiarity with additional frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA). What We Offer Career Development: Clear growth path with mentorship and training opportunities. Technical Training: Comprehensive onboarding on security ...

cybersecurity team. This role is predominantly end-client facing, advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. Skills & Experience Required: 2+ years of experience working in Cyber Security within an AWS cloud environment Vulnerability … management & Compliance Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders and clients, as well as the ability to provide training and mentoring around cybersecurity Ideally, some relevant cybersecurity certifications This role ...

leading by example Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks Who You Are 5+ years of hands‐on experience in security operations with strong expertise in incident response, digital forensics … communicate with technical and non‐technical stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or elevate ...

risks and strategic recommendations Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks What we're looking for: 8+ years of hands-on experience in security operations with deep expertise in incident … effectively communicate with technical and executive stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or escalate ...

risks and strategic recommendations Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks What we're looking for: 8+ years of hands-on experience in security operations with deep expertise in incident … effectively communicate with technical and executive stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or escalate ...

risks and strategic recommendations Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks What we're looking for: 8+ years of hands-on experience in security operations with deep expertise in incident … effectively communicate with technical and executive stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or escalate ...

risks and strategic recommendations Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks What we're looking for: 8+ years of hands-on experience in security operations with deep expertise in incident … effectively communicate with technical and executive stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or escalate ...