1 to 25 of 28 SOC 2 Jobs in the UK excluding London

Cybersecurity Engineer (ISO27001 & SOC 2 Lead) Location: London (3 days per week onsite) Must have Right to Work: Cannot provide sponsorship Overview A newly created role to take ownership of ISO27001 and SOC 2 certification, ongoing compliance, and the organisation's overall security posture. This position … transitioned or is transitioning into cybersecurity and wants to operate as the central technical security owner. Key Responsibilities Security Governance & Compliance (ISO27001 & SOC 2) Own and maintain ISO27001 and SOC 2 certification processes. Lead evidence collection, control implementation, compliance documentation, and readiness for external audits. Maintain ...

addition maintaining the organisations compliance with ISO 9001:2025 (Already certified). Looking forward into the future these requirements are also on the horizon: SOC 2 Type 2: For targeting US-based clients DPIA (Data Protection Impact Assessment) AI-Specific Compliance (The 2026 Frontier) ISO/… people side of making compliance work in practice. Youll likely bring: Proven experience implementing at least one of: Cyber Essentials, ISO 27001:2022 or SOC 2 Strong organisational skills and the ability to break complex frameworks into clear, actionable steps Confidence working with technical teams and a comfort ...

with a willingness to broaden your expertise.Understanding of hybrid and on-premise security concepts.Awareness of key frameworks such as ISO 27001, NIST, SOC 2, and CIS Controls.Cloud Security Technologies & PlatformsExperience with some of the following is helpful (not all required):Microsoft Defender for Cloud, AWS Security Hub, GuardDuty … KeywordsCloud Security, Cyber Security, Pre-Sales Consultant, Azure Security, AWS Security, GCP Security, CSPM, CIEM, IAM, Zero Trust, SIEM, XDR, Kubernetes Security, DevSecOps, ISO27001, SOC 2, Security Consultant. ...

program. - Conduct internal audits, third-party risk assessments, and due diligence reviews. - Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. - Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. - Identify gaps in security controls and recommend … and audit. - Strong understanding of international regulatory frameworks and standards. - Hands-on experience with: - ISO27001 audits and implementation - GDPR compliance - NIST cybersecurity framework - SOX, SOC 2, HIPAA, CCPA, LGPD - Ability to interpret complex regulatory requirements and translate them into actionable controls. - Excellent communication and stakeholder engagement skills. - Strong ...

emerging threats, risk and security. Governance and Compliance - maintain frameworks and ensure compliance with a range of standards including - GDPR, PCI DSS, PCI 3DS, SOC 2, NIST, etc. Risk Management - responsible for risk audits and managing 3rd party and supply chain risk. Secure Development - ensure security is integrated … senior Information Security roles. A relevant professional certification (CISS or CISM) Detailed understanding of GDPR Strong knowledge of compliance frameworks (PCI DSS, PCI 3DS, SOC 2) Experience of secure software development practices and cloud security. Strong analytical and problem solving skills. This is an excellent opportunity ...

Architect secure, compliant Data Sharing patterns for external research partners, translating legal/contractual constraints into technical controls. Drive the data architecture roadmap toward SOC 2 and ISO 27001 readiness, focusing on auditability and access control for training data. About You You are an experienced Architect (e.g., TOGAF … with: Data governance frameworks Data tenancy and segregation models Data consistency and replication patterns Secure data sharing between organizations Beneficial Skills Prior involvement in SOC 2, ISO 27001 compliance programmes, particularly from a data architecture perspective. Exposure to scientific, chemical, or manufacturing data environments. Familiarity with modern data ...

Service Desk, Azure, Cloud, Hybrid, On prem, On Premise, Infrastructure, VMWare, HyperV, Virtualisation, Software testing, software development, Agile, ITIL, ITSM, SOC, Cyber Security, SOC2, ISO27001, Cyber Essentials Plus, GDPR, Cyber Essentials +, DR, Disaster Recovery, Backup, Veeam, Firewalls, Antivirus, IT Manager, Head of IT, Service Desk, Azure, Cloud, Hybrid … prem, On Premise, Infrastructure, VMWare, HyperV, Virtualisation, Software testing, software development, Agile, ITIL, ITSM, SOC, Cyber Security, SOC2, ISO27001, Cyber Essentials Plus, GDPR, Cyber Essentials +, DR, Disaster Recovery, Backup, Veeam, Firewalls, Antivirus, IT Manager, Head of IT, Service Desk, Azure, Cloud, Hybrid, On prem, On Premise, Infrastructure, VMWare ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

ability to influence senior stakeholders Desirable: Experience leading or maturing ISO 27001 programmes Exposure to operational resilience or outsourced service provider requirements Familiarity with SOC 2 and cyber assurance testing Personal Attributes Strategic and analytical mindset Confident working with senior leadership Able to make pragmatic, risk-based decisions ...

adhering to best practices in data protection and cloud security, in line with Cyber Essentials Plus and ISO27001, and implement compliance measures (e.g., GDPR, SOC 2). Analyse performance metrics and make data-driven decisions to improve platform performance, stability, and cost-efficiency. Engage with stakeholders (internal and ...

documentation, organisation, and communication skills. Confidence engaging with auditors, regulators, customers, and senior stakeholders. Desirable Experience HIPAA and healthcare/health tech compliance experience. SOC2 knowledge. Understanding of cloud security and SaaS environments. Qualifications (desirable but not required) CIPP/E, CIPM, CIPT ISO27001 Lead Implementer/Lead Auditor HCISPP ...

and associated services. Enhance identity governance, privileged access management, DLP, and data classification. Support Defender tooling and alert management. Threat & Vulnerability Management Work with SOC partners to triage and respond to alerts. Conduct vulnerability assessments and coordinate remediation efforts. Enhance endpoint protection and XDR capabilities. Security Operations & Compliance Harden … endpoints, and virtual desktop environments. Maintain logging, monitoring, and alerting coverage. Support external audits and recognised security certifications (e.g., Cyber Essentials Plus, ISO 27001, SOC 2). About You 3+ years’ experience in security engineering or cyber operations. Strong hands-on Azure and Microsoft 365 security expertise. Experience ...

security Infrastructure-as-code mindset and strong automation skills Comfortable working cross-functionally and owning shared platforms Nice to Have Experience with compliance frameworks (SOC 2, ISO 27001, etc.) Familiarity with SRE principles and reliability engineering Security certifications or deep interest in cloud security About ...

and assist with customers’ RFIs and RFPs; Obtain at least CII certification to appreciate how the insurance industry works. Qualifications Essential: A minimum of 2 years in an infrastructure, SysOps or Security role; Active Directory management; AWS ecosystem, especially AppStream 2.0. NTFS permission & Group Policy configuration & management; Microsoft … Information Security specialism. Desirable: IaaS and PaaS environments; SQL; VMWare Cloud Director; SharePoint Windows IIS security & management. Security & GDPR compliance (ISO27001/ISO27032/SOC 2). ...

frameworks. Ability to interpret high-level security concepts and translate them into usable, pragmatic controls. Knowledge of recognised frameworks (e.g., ISO 27001, NIST CSF, SOC 2) without needing to be tied to specific industry implementations. Comfortable engaging with senior stakeholders and presenting risk and security themes with clarity. ...

Service Manager - ITIL/ITSM - hybrid - £80K Hybrid - 2 days a week in office - Kings Cross Are you a proactive IT Service Manager who wants to lead technology service operations and ensure consistent, reliable performance across systems and platforms? In this role, you'll take ownership of incident management … desk triage and out-of-hours support coverage. Partner with key stakeholders across Product, Engineering, and Compliance to support audit readiness (ISO 27001/SOC 2). What you'll need: 5+ years' experience in IT service management, ITSM, ITIL, including awareness of Devops/Strong understanding ...

technical assurance programmes Strong project or programme delivery experience Experience managing complex projects across distributed teams Knowledge of security frameworks (ISO 27001, NIST, CIS, SOC 2, etc.) Strong stakeholder management and communication skills Desirable Experience delivering CCM, vulnerability management, or security assurance initiatives Experience working in federated organisations ...

challenge assumptions diplomatically, and influence senior stakeholders. Provide guidance in across security frameworks and standards such as ISO27001, NIST CSF, PCI-DSS, Cyber Essentials, SOC 2 (or others/more/similar) where appropriate. Have a strong understanding of technical services, challenges, architecture and onoarding of those ...

market Oversee delivery across multiple concurrent initiatives Ensure operational excellence in deployment, monitoring and resilience Champion Security & Governance Drive secure engineering and compliance (GDPR, SOC2) Ensure risk-aware practices across architecture and delivery Support responsible AI governance What Youll Bring 10+ years in software engineering, including senior leadership experience Proven ...

Cyber Security Project Manager required for a global FTSE 100 organisation. The role is focused on leading the Threat Defence (SOC) workstream within a major cyber transformation programme. This role will drive the uplift of security operations and response capabilities, delivering enhanced network visibility and transitioning services into business … usual. Key Responsibilities Lead end-to-end delivery of the Threat Defence workstream (SOC, EDR, SIEM and security operations uplift). Define scope, milestones, resource plans, budgets and success criteria. Manage delivery through stage gates, governance forums and Steering Committee oversight. Oversee RAID management, risk mitigation and inter-workstream ...

compliance requirements across the organisation. Is this role for you: • Familiarity with auditing standards and security frameworks (e.g., ISO/IEC 27001, CMMC, SOC 2). • Working knowledge of global data privacy and protection laws (e.g., GDPR, PIPL, CCPA, DPDP). • Experience conducting or supporting security audits and ...

SDLC, and assurance processes. Experience delivering "secure by design" in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications like ISO 27001, SOC 2, and GDPR. Proficiency in cloud security architecture, including zero-trust models, container security (e.g., AKS), and multi-cloud/hybrid strategies. Whilst ...

with: Defining and delivering an information security strategy aligned with business objectives Managing compliance with UK and international standards such as GDPR, PCI DSS, SOC 2, and related frameworks Leading audit activity, certifications, and third-party security assessments Incident response planning, vulnerability management, and security awareness initiatives Does ...

compliance topics. Champion ethical governance and sustainable practices in all sales engagements. Skills & Experience Strong understanding of compliance frameworks (e.g. ISO 27001, GDPR, SOC 2) and risk management principles. Experience supporting sales teams in a technical or compliance-focused capacity. Proven ability to complete RFPs and security questionnaires ...