London, South East England, United Kingdom Hybrid / WFH Options
PCI Pal
WELCOME TO PCI PAL PCI Pal is a leading provider of SaaS solutions that empower companies to take payments securely, adhere to strict industry governance, and remove their business from the significant risks posed by non-compliance and data loss. We are integrated and resold by some of the world's leading business communications vendors, as well as … major payment service providers. We are currently looking for a GRC & Audit Lead to join our UK team. THE OPPORTUNITY: PCI Pal's Information Security team requires a dynamic and proactive individual to lead all Governance, Risk and Compliance (GRC), audit requirements for our team and the company. We are an agile and innovative team and are responsible for … that GRC and audit requirements are suitably managed, maintained and matured. YOU WILL BE RESPONSIBLE FOR: Managing, maintaining, and maturing the already established audit lifecycles for the following frameworks: PCI DSS v4.0, ISO 27001:2022, ISO 9001:2015, ISO 14001:2015, Cyber Essentials, Cyber Essentials Plus, SOC2 Type 1 – 3 & HIPAA Working in close collaboration with other team
own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical … projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability … Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in
Milton Keynes, Buckinghamshire, South East, United Kingdom
Oscar Associates (UK) Limited
regulatory compliance oversight. The ideal candidate will establish and maintain security standards across the product portfolio, oversee secure system environments, and act as the primary contact for ISO 27001, PCI DSS, and GDPR compliance. Additionally, this role will support our commercial teams by contributing to tender responses and ensuring client security assurance. The Company: They are a technology … management and penetration testing programs. Maintain strong identity, access, and privilege management controls. Compliance & Assurance (30%) Manage and maintain ISO 27001 certification and audit processes. Ensure ongoing compliance with PCI DSS for payment-related systems. Oversee GDPR compliance across products, services, and internal operations. Complete HECVAT assessments and respond to security questionnaires for higher education tenders. Support sales … SaaS or cloud environments (ISV or B2B preferred). Proven track record managing ISO 27001 certification and compliance. Hands-on experience implementing GDPR in software products. Working knowledge of PCI DSS and securing payment systems. Deep understanding of cloud security across Azure and/or AWS. Skilled in application security and the secure development lifecycle (SDLC). Experienced
Hereford, Herefordshire, England, United Kingdom Hybrid / WFH Options
DCS Recruitment
an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for … ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation … and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail and ability to produce high
Milton Keynes, Buckinghamshire, England, United Kingdom Hybrid / WFH Options
REDTECH RECRUIT
role where you’ll take ownership of security strategy, operations, and compliance across multi-cloud environments; ensuring systems remain robust, scalable, and compliant with key standards such as ISO27001, PCI/DSS, and GDPR. Location: Milton Keynes - hybrid - at least 2 - 3 times a week in office Salary: £50,000 – £60,000 per annum + benefits Requirements for … compliance programmes Excellent knowledge of GDPR and experience embedding data protection into software systems Hands-on experience managing cloud security within Azure and/or AWS environments Knowledge of PCI/DSS standards for payment systems Understanding of application security, secure development lifecycles, and DevSecOps practices Strong communicator, able to translate complex security concepts for technical and non … and product roadmaps Oversee cloud infrastructure security, vulnerability management, and incident response Maintain security monitoring, alerting, and access management controls Lead ISO27001 certification maintenance and audits Ensure compliance with PCI/DSS, GDPR, and other relevant frameworks Complete client security assurance documentation and tender responses Act as the main security contact point for customers and internal stakeholders What
Carlisle, Cumbria, England, United Kingdom Hybrid / WFH Options
Cumberland Building Society
your whole self to work bringing your energy and creativity to make a positive difference, then this is the job for you. We have an exciting opportunity for a PCI and Compliance Lead to join our Information Security team for a fixed term of 18 months. The Benefits Salary - up to £64,898 p.a. – depending on skills and experience. … community organisations. The Role Reporting to our Information Security Assurance Manager, you’ll be responsible for oversight, management and continuous compliance of the Payment Card Industry Data Security Standard (PCI DSS) requirements across the Society within the Information Security Assurance Team. You’ll assist in the oversight and control of all aspects of the Information Security Management System … line risk colleagues, Payments and Technology. You’ll manage the relationship with Qualified Security Assessors (QSAs); coordinating annual assessment and remediation activities, Regulatory Bodies; providing evidence and reporting for PCI compliance, and Third-Party Service Providers; completing assurance reviews and compliance verifications for suppliers handling PCI data. About You We’re looking for someone with significant experience in
insights, and operational automation. Cybersecurity • Implement and maintain security controls to protect customer data, payment systems, and business operations. • Conduct regular security audits, vulnerability assessments, and compliance checks (e.g., PCI-DSS). • Respond to incidents and ensure business continuity through disaster recovery planning. • Integrate AI-driven threat detection and response tools to enhance security posture. Collaboration & Leadership • Work … VMware/Hyper-V). Hands-on experience with Microsoft 365 administration and security. Familiarity with AI tools and Industry 4.0 technologies. Experience with cybersecurity frameworks and compliance standards (PCI-DSS, ISO 27001). Scripting and automation skills (PowerShell, Python, Power Automate) Excellent interpersonal and communication skills with the ability to engage effectively at all levels of the
made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. … management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes
culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and the National Cyber Security Centre. Represent cyber security in major organisational change programmes … ISC), ISACA, BCS). Essential Knowledge and Experience Demonstrable experience leading cyber security in large, complex organisations. Deep understanding of cyber security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS). Proven track record of developing and delivering cyber strategies and managing risk at an enterprise level. Strong technical knowledge of modern security technologies and principles, including
culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and the National Cyber Security Centre. Represent cyber security in major organisational change programmes … ISACA, BCS). Essential Knowledge and Experience Demonstrable experience leading cyber security in large, complex organisations. Deep understanding of cyber security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS). Proven track record of developing and delivering cyber strategies and managing risk at an enterprise level. Strong technical knowledge of modern security technologies and principles, including Azure
Security, Compliance & Governance Partner with Information Security teams to enhance network security posture, addressing vulnerabilities and implementing intrusion detection/prevention systems. Ensure ongoing compliance with ISO 27001, PCI-DSS, and other relevant regulatory standards. Drive a proactive approach to incident response, monitoring, and continuous threat detection. Oversee audit readiness and maintain comprehensive network documentation and … configuration (Cisco ASA, Palo Alto, Fortinet, etc.), and telephony (SIP/VoIP) systems. Familiarity with cloud and hybrid networking (Azure, AWS, GCP) environments preferred. Strong understanding of ISO 27001, PCI-DSS, and ITIL-aligned service delivery processes. Leadership & Soft Skills Strategic thinker with the ability to balance technical depth and business acumen. Exceptional stakeholder management and communication
London (City of London), South East England, United Kingdom
AirSearch
Security, Compliance & Governance Partner with Information Security teams to enhance network security posture, addressing vulnerabilities and implementing intrusion detection/prevention systems. Ensure ongoing compliance with ISO 27001, PCI-DSS, and other relevant regulatory standards. Drive a proactive approach to incident response, monitoring, and continuous threat detection. Oversee audit readiness and maintain comprehensive network documentation and … configuration (Cisco ASA, Palo Alto, Fortinet, etc.), and telephony (SIP/VoIP) systems. Familiarity with cloud and hybrid networking (Azure, AWS, GCP) environments preferred. Strong understanding of ISO 27001, PCI-DSS, and ITIL-aligned service delivery processes. Leadership & Soft Skills Strategic thinker with the ability to balance technical depth and business acumen. Exceptional stakeholder management and communication
Cheshire, England, United Kingdom Hybrid / WFH Options
Morgan Law
of disaster recovery and business continuity plans. Produce reports and metrics for senior IT and governance stakeholders Stay updated with the latest threats, trends, and compliance requirements (e.g., GDPR, PCI DSS, Cyber Essentials) Person Specification Essential: Demonstrable experience in a related role Excellent problem-solving, analytical, and communication skills An appetite for keeping up to date with the … UK Desirable: Industry certifications (e.g., CompTIA Security+, SSCP) Experience in the charity or non-profit sector Familiarity with Microsoft Azure cloud platforms and identity management Experience with compliance frameworks (PCI DSS, Cyber Essentials) Experience with auditing and compliance Experience of BCP/DR
Slough, South East England, United Kingdom Hybrid / WFH Options
Lawrence Harvey
rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems … the information security incident response program Manage implementation and deployment of Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification
London, South East England, United Kingdom Hybrid / WFH Options
Lawrence Harvey
rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems … the information security incident response program Manage implementation and deployment of Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification
London (City of London), South East England, United Kingdom Hybrid / WFH Options
Lawrence Harvey
rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems … the information security incident response program Manage implementation and deployment of Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification
such as Lambda, EventBridge, Kinesis, Glue, Athena, and CloudWatch. Security & Compliance Implement IAM policies, KMS encryption, VPC networking, and PrivateLink to secure data and connectivity. Ensure adherence to GDPR, PCI-DSS, ISO 27001, and industry-specific standards. Develop data retention policies, privacy impact frameworks, and procedures for emergency call handling. DevOps & Automation Establish CI/CD pipelines for … Connect solutions at enterprise scale with complex integrations. Proficient with AWS services: IAM, VPC, Lambda, API Gateway, EventBridge, Kinesis, CloudWatch, DynamoDB. Strong understanding of security and compliance frameworks (GDPR, PCI-DSS, ISO 27001). Hands-on experience with Infrastructure as Code (CloudFormation, Terraform, CDK) and serverless development (Node.js/Python). Preferred Qualifications AWS Solutions Architect - Professional or
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Verelogic IT Recruitment
such as Lambda, EventBridge, Kinesis, Glue, Athena, and CloudWatch. Security & Compliance Implement IAM policies, KMS encryption, VPC networking, and PrivateLink to secure data and connectivity. Ensure adherence to GDPR, PCI-DSS, ISO 27001, and industry-specific standards. Develop data retention policies, privacy impact frameworks, and procedures for emergency call handling. DevOps & Automation Establish CI/CD pipelines for … Connect solutions at enterprise scale with complex integrations. Proficient with AWS services: IAM, VPC, Lambda, API Gateway, EventBridge, Kinesis, CloudWatch, DynamoDB. Strong understanding of security and compliance frameworks (GDPR, PCI-DSS, ISO 27001). Hands-on experience with Infrastructure as Code (CloudFormation, Terraform, CDK) and serverless development (Node.js/Python). Preferred Qualifications AWS Solutions Architect - Professional or
frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO
London (City of London), South East England, United Kingdom
HCLTech
frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery … Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO