risks, regulatory exposure, and investment priorities to support long-term growth. Governance & Compliance Own company-wide security governance, including data protection, access control, and insider risk. Ensure compliance with SOC2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews … Deep understanding of cloud security (especially AWS), application security, and modern DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer
handling, and device security. Implement practical controls for identity and access management, encryption, endpoint protection, and incident response. Use your understanding of frameworks like Cyber Essentials, ISO 27001, or SOC2 to guide scalable, pragmatic governance - even if full certification isn't required right away. Help prepare the business for potential future audit, assurance or client due diligence … headcount), ideally PE-backed or professional services-led. Strong practical knowledge of Microsoft 365, Azure AD, endpoint management, and identity/access controls. Familiarity with frameworks like ISO27001, SOC2, or NIST - and the judgment to apply what's appropriate for scale. Experience working with (or managing) outsourced IT providers. Excellent communication and stakeholder skills - able to influence
them to specific business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous - not just a
and expansion opportunities within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous - not just a
London, South East, England, United Kingdom Hybrid / WFH Options
Opus Recruitment Solutions Ltd
Cybersecurity Engineer | £500 - £600 | Outside IR35 | 3 Months | Fully Remote We’re hiring a Cybersecurity Engineer to support a client on a 3-month contract focused on achieving SOC2 and ISO 27001 compliance. This role is Outside IR35, fully remote, and offers a daily rate of £500–£600. The successful candidate will deliver the integration of CrowdStrike Falcon … with Vanta, and help implement the security controls, monitoring, and documentation required for audit readiness. Key Requirements Proven experience in cybersecurity engineering and compliance delivery Deep understanding of SOC2 and ISO 27001 frameworks and audit processes Hands-on experience with integrating cybersecurity tools and platforms Experience integrating CrowdStrike Falcon and Vanta is a plus Strong adherence to
Cybersecurity Engineer | £500 - £600 | Outside IR35 | 3 months | Fully Remote We're hiring a Cybersecurity Engineer to support a client on a 3-month contract focused on achieving SOC2 and ISO 27001 compliance. This role is Outside IR35, fully remote, and offers a daily rate of £500-£600. The successful candidate will deliver the integration of CrowdStrike … Falcon with Vanta, and help implement the security controls, monitoring, and documentation required for audit readiness. Key Requirements Proven experience in cybersecurity engineering and compliance delivery Deep understanding of SOC2 and ISO 27001 frameworks and audit processes Hands-on experience with integrating cybersecurity tools and platforms Experience integrating CrowdStrike Falcon and Vanta is a plus Strong adherence
development of effective security measures. Support the development, implementation, and continuous improvement of the organization's security strategy, policies, and procedures. Support the maintenance of our ISO 27001 and SOC2 Level 2 certifications. What you'll bring Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree or relevant certifications … you? Competitive salary and uncapped commission. 26 days of annual leave and Bank Holidays Top-notch Private Healthcare and Health Cash Plan Hybrid working model Initial home office budget 2-month work abroad policy Great training and yearly learning budget Employer pension scheme Enhanced maternity pay Social activities and team outings Referral bonus Employee Assistance Program Great hardware and
Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated
technologies like Docker and Kubernetes Knowledge of security best practices for cloud environments (AWS, Azure, GCP) Understanding of security frameworks and compliance standards such as NIST CSF, ISO 27001, SOC2 Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, agile environment Strong problem-solving skills and a passion for continuous improvement
tools (EDR, vulnerability scanners, SCA, etc.) Own and manage internal authentication (SSO, MFA, identity lifecycle) Secure endpoints, laptops, and internal systems Lead security awareness and employee training programs Drive SOC 1/2 and other compliance frameworks Build internal security policies, playbooks, and operational processes Manage relationships with vendors, auditors, and pentesters We're Looking For Someone Who … or similar certification Strong knowledge of cloud security, secure software development, and common vulnerabilities Proven experience securing production environments and CI/CD systems Familiarity with security compliance frameworks (SOC2, ISO 27001) Experience deploying and operationalising security tools Excellent communication skills and the ability to collaborate across teams A pragmatic, system-oriented mindset that balances risk and
City of London, London, United Kingdom Hybrid / WFH Options
Adecco
of Natural Language Processing (NLP), model lifecycle management, and explainability techniques. - Ability to articulate how AI models integrate into enterprise workflows and compliance frameworks. Security & Compliance: - Strong grasp of SOC2, ISO 27001, GDPR, and enterprise security best practices. - Understanding of identity and access management (IAM), encryption standards, and secure API design. Integrations & APIs: - Experience with RESTful APIs … whether it's troubleshooting a deployment, customizing a demo, or advising on architecture. * Thrives in a fast-paced, high-growth environment where adaptability and initiative are key. Education A 2:1 degree or higher in a technical, scientific, engineering, or mathematical discipline from a recognized university. What You'll Be Doing * Lead and Develop the Team: Recruit, mentor, and … list for this position. Useful Keywords Technical Presales Lead, Solutions Engineering, Pre-Sales Manager, Cloud Architecture, AWS, Azure, GCP, Kubernetes, ECS, Fargate, Terraform, AI/ML, NLP, Security Compliance, SOC2, ISO 27001, GDPR, SaaS, Enterprise Software, API Integrations, Player-Coach, Technical Leadership, Proof of Value, Enterprise Presales
Experience designing for security, reliability, and scalability in hybrid and cloud environments. In particular IAM policies, network segmentation, AWS Security Policies and understanding of implications of compliance frameworks (SOC2, GDPR, FedRAMP) Excellent communication skills - able to document and articulate complex technical topics to both technical and non-technical stakeholders. Qualifications: Bachelor's or Master's degree in Computer Science
security requirements in digital health, life sciences, or FDA-regulated software environments Proven track record managing security and compliance under HIPAA, FDA, and NIST Knowledge of GDPR, ISO 27001, SOC2 and international security standards Experience with cloud-native environments (e.g., AWS), data encryption, identity management, and secure software development practices Strong communicator who can translate security priorities
City of London, London, United Kingdom Hybrid / WFH Options
Invitise Ltd
essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC2, GDPR and NIS2 frameworks PowerShell scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working
London, South East, England, United Kingdom Hybrid / WFH Options
InvitISE Ltd
essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC2, GDPR and NIS2 frameworks PowerShell scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working
innovation and continuous improvement in client workflows, leveraging Tungsten Automation's cutting-edge technologies Security & Compliance Enterprise Security : Maintain a strong grasp of enterprise security practices (IAM, data encryption, SOC2, GDPR, HIPAA) when integrating AI into regulated industries What You Bring Educational Foundation Bachelor's degree in Computer Science, Information Systems, or a related technical field required Advanced degree preferred
and thought leadership within the Practice by defining standards, sharing knowledge, and mentoring peers Influence customer outcomes through expert knowledge of DevSecOps tools and compliance frameworks like NIST, CIS, SOC2, and PCI DSS You'll travel to client sites across the UK, working directly with business and technical stakeholders to drive real business value What you'll
London, South East, England, United Kingdom Hybrid / WFH Options
Noir
fast-moving SaaS or product-led business before. Bonus points if you've helped shape DevOps roadmaps, mentored others, or worked with cost optimisation, security, or compliance frameworks (ISO, SOC2, etc.). This is more than just another DevOps role - it's a chance to join a company at the perfect stage: profitable, scaling, tech-led, and genuinely empowering its
into platform and team operations. Establish and track key platform KPIs including availability, deployment frequency, and MTTR. Collaborate closely with InfoSec and Compliance to support regulatory readiness (e.g., ISO, SOC2). What we're looking for 10+ years of experience in cloud infrastructure and platform engineering, including team leadership. Expert-level knowledge of AWS and deep hands-on experience with
and issue resolution to safeguard delivery success. Create and maintain standard templates, playbooks, and checklists to elevate project discipline. Monitor adherence to ISO/industry standards (e.g., ISO 27001, SOC2, GDPR, etc.) where relevant. Oversee partner-delivered projects, ensuring they adhere to the same quality, methodology, and governance standards as internal delivery. Work closely with Systems Integrators (SIs), consulting partners
third-party vendors or partners to ensure compliance with security standards. Understanding of risk management principles and their application in security audits. Knowledge of compliance frameworks like ISO 27001, SOC2, or similar, and their implementation within enterprise environments. Experience with audit tools and software used for planning, executing, and documenting audits. Experience in writing a comprehensive audit
modelling. Security Operations (SOC) : Overseeing monitoring, incident response, vulnerability management, and operational resilience. Governance, Risk & Compliance (GRC) : Leading our efforts to achieve and maintain compliance with PCI, GDPR, SOC2, and ISO27001. Vendor Security : Spearheading due diligence and monitoring of third parties, integrated with our Vendor Governance Forum. Policies & Assurance : Defining and enforcing security standards, collaborating with IT Ops and … have deep experience overseeing a Security Operations function, managing monitoring, incident response, and vulnerability management. Driving GRC : You're an expert in managing compliance frameworks such as PCI, GDPR, SOC2, and ISO 27001, and you're skilled at preparing for audits. Vendor Security : You have led vendor security analysis, including due diligence and ongoing monitoring. Collaboration & Execution : You can define
Location: London, UK (Hybrid: 2 days per week in the office) Company: Navro - Pioneering the Future of Payments Architecting Trust: Information Security Manager This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. We're Navro, a rapidly scaling B2B payments startup … regional regulatory requirements. Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture. Successfully lead internal and external security audits - ISO 27001/SOC2 Type II/PCI-DSS. Champion a company-wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security incident response and … research effectively to find the missing details. ISO 27001 et al - You have built and maintained an ISO 27001 certified ISMS before and led other important security audit assessments (SOC2, PCI, etc.). You may have also gained ISO 27001 Lead Auditor or similar certifications (a plus). Collaborator Extraordinaire - Strong communications skills with the ability to explain technical and